CVE-2019-8450

Summary

Various templates of the Optimization plugin in Jira before version 7.13.6, and from version 8.0.0 before version 8.4.0 allow remote attackers who have permission to manage custom fields to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a custom field.

Affected Software

VendorProductVersion RangeStatus
AtlassianJiraunspecified < 7.13.6affected
AtlassianJira8.0.0 < unspecifiedaffected
AtlassianJiraunspecified < 8.4.0affected

Weaknesses

  • Cross Site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References