The CardLayoutConfigTable component in Jira Server and Jira Data Center before version 8.5.15, and from version 8.6.0 before version 8.13.7, and from version 8.14.0 before 8.17.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://jira.atlassian.com/browse/JRASERVER-72396 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: atlassian
Published: 2021-06-07T22:35:09.941016Z
Updated: 2024-09-17T01:21:56.570Z
Reserved: 2021-01-25T00:00:00
Link: CVE-2021-26079
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-06-07T23:15:08.097
Modified: 2022-03-30T13:29:49.883
Link: CVE-2021-26079
Redhat
No data.