CVE-2020-4021

Summary

Affected versions are: Before 8.5.5, and from 8.6.0 before 8.8.1 of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the XML export view.

Affected Software

VendorProductVersion RangeStatus
AtlassianJira Server and Data Centerunspecified < 8.5.5affected
AtlassianJira Server and Data Center8.6.0 < unspecifiedaffected
AtlassianJira Server and Data Centerunspecified < 8.8.1affected

Weaknesses

  • Cross-Site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References