EditworkflowScheme.jspa in Jira Server and Jira Data Center before version 8.5.14, and from version 8.6.0 before version 8.13.6, and from 8.14.0 before 8.16.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://jira.atlassian.com/browse/JRASERVER-72432 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: atlassian
Published: 2021-06-07T22:25:11.650750Z
Updated: 2024-09-16T21:58:04.290Z
Reserved: 2021-01-25T00:00:00
Link: CVE-2021-26080
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-06-07T23:15:08.127
Modified: 2022-05-05T15:39:14.867
Link: CVE-2021-26080
Redhat
No data.