CVE-2020-4021

Affected versions are: Before 8.5.5, and from 8.6.0 before 8.8.1 of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the XML export view.
References
Link Resource
https://jira.atlassian.com/browse/JRASERVER-70923 Issue Tracking Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:jira_software_data_center:*:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:*:*:*:*

Information

Published : 2020-06-01 07:15

Updated : 2022-03-30 01:21


NVD link : CVE-2020-4021

Mitre link : CVE-2020-4021

Products Affected
No products.
CWE