Security Advisory

CVE-2021-43945

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-02-28 00:20:09

Last updated 2024-10-04 18:12:49

Assigner atlassian

State PUBLISHED

Description

Affected versions of Atlassian Jira Server and Data Center allow remote attackers with Roadmaps Administrator permissions to inject arbitrary HTML or JavaScript via a Stored Cross-Site Scripting (SXSS) vulnerability in the /rest/jpo/1.0/hierarchyConfiguration endpoint. The affected versions are before version 8.20.3.

← Browse all CVEs View on cve.org ↗