CVE-2021-39117
30.08.2021, 07:15
The AssociateFieldToScreens page in Atlassian Jira Server and Data Center before version 8.18.0 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability via the name of a custom field.
| Vendor | Product | Version |
|---|---|---|
| atlassian | data_center | 𝑥 < 8.18.0 |
| atlassian | jira | 𝑥 < 8.18.0 |
𝑥
= Vulnerable software versions