The Trello board importer resource in Atlassian Jira before version 7.6.1 allows remote attackers who can convince a Jira administrator to import their Trello board to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the title of a Trello card.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: atlassian
Published: 2018-04-06T13:00:00Z
Updated: 2024-09-16T22:14:42.823Z
Reserved: 2018-02-01T00:00:00
Link: CVE-2017-18097
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-04-06T13:29:00.267
Modified: 2018-05-09T18:04:04.723
Link: CVE-2017-18097
Redhat
No data.