CVE-2019-20414
29.06.2020, 07:15
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in Issue Navigator Basic Search. The affected versions are before version 7.13.9, and from version 8.0.0 before 8.4.2.
| Vendor | Product | Version |
|---|---|---|
| atlassian | jira | 𝑥 < 7.13.9 |
| atlassian | jira_data_center | 8.0.0 ≤ 𝑥 < 8.4.2 |
| atlassian | jira_server | 8.0.0 ≤ 𝑥 < 8.4.2 |
| atlassian | jira_software_data_center | 𝑥 < 7.13.9 |
𝑥
= Vulnerable software versions