CVE-2018-5230
Published 2018-05-14
Priority P3 · 46 · medium · 6.1 (CVSS 3.0)
AV:N / AC:L / PR:N / UI:R / S:C / C:L / I:L / A:N
Exploit: EPSS 37.61% (98.3rd percentile)
The issue collector in Atlassian Jira before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0 before version 7.8.4 and from version 7.9.0 before version 7.9.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the error message of custom fields when an invalid value is specified.
Affected (11 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| atlassian | jira | < 7.6.6 | 7.6.6 |
| atlassian | jira | >= 7.7.0 < unspecified | unspecified |
| atlassian | jira | >= 7.8.0 < unspecified | unspecified |
| atlassian | jira | >= 7.9.0 < unspecified | unspecified |
| atlassian | jira | >= unspecified < 7.6.6 | 7.6.6 |
| atlassian | jira | >= unspecified < 7.7.4 | 7.7.4 |
| atlassian | jira | >= unspecified < 7.8.4 | 7.8.4 |
| atlassian | jira | >= unspecified < 7.9.2 | 7.9.2 |
| atlassian | jira_server | >= 7.7.0 < 7.7.4 | 7.7.4 |
| atlassian | jira_server | >= 7.8.0 < 7.8.4 | 7.8.4 |
| atlassian | jira_server | >= 7.9.0 < 7.9.2 | 7.9.2 |
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.0 | 6.1 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| nvd | 2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
No detection rules found.
Nuclei
Atlassian Jira Confluence - Cross-Site Scripting
nuclei · CVSS 6.1 · CVE-2018-5230 [MEDIUM]
Atlassian Jira Confluence before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0 before version 7.8.4, and from version 7.9.0 before version 7.9.2, allows remote attackers to inject arbitrary HTML or JavaScript via a cross-site scripting vulnerability in the error message of custom fields when an invalid value is specified.
Template:

```yaml
id: CVE-2018-5230

info:
  name: Atlassian Jira Confluence - Cross-Site Scripting
  author: madrobot
  severity: medium
  description: |
    Atlassian Jira Confluence before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0 before version 7.8.4, and from version 7.9.0 before version 7.9.2, allows remote attackers to inject arbitrary HTML or JavaScript via a cross-site scripting vulnerability in the error message of custom fields when an invalid value is specified.
```
Recorded Future
blogs_recorded_future · CVSS 9.6 [CRITICAL]
# Analyze Recent Atlassian Vulnerabilities and Keep Your Infrastructure Protected
For years, software solutions built by Atlassian have found their way to nearly every organization's software stack. Tools such as JIRA, Confluence, Bamboo, and BitBucket are often seen playing a crucial role in various departments across enterprises.
From managing projects or handling organization-wide documentation, to hosting the very code of a product being developed by the organization, the constant reliance upon and amount of historical data held within these applications have turned them into a lucrative target for attackers, expanding the attack surface in the process.
## Historical Atlassian Vulnerabilities
Traditionally, vulnerabilities within the Atlassian software stack have originated from di
Greynoiseio
NoiseLetter September 2024
blogs_greynoiseio
HackerOne
Reflected XSS through multiple inputs in the issue collector on Jira
hackerone · 2020-03-24 · CVSS 6.1 · CVE-2018-5230 [MEDIUM]
**Note:** I put this as Medium because that's what the CVE is. This vulnerability is known and it's classified under CVE-2018-5230. Here's a link to the thread on it by Atlassian: https://jira.atlassian.com/browse/JRASERVER-67289
Description
I noticed when testing that your Jira installation at jira.roblox.com is running on version 7.6.3, which isn't the latest version. When you have something like Jira or WordPress, having the latest installation is critical because lots of vulnerabilities for previous versions will be disclosed right after the company releases the latest version. That was the case here.
So I decided that since it was on 7.6.3, I'd check CVEs and see if there were any that affected Jira installations 7.6.
HackerOne
Cross Site Scripting via CVE-2018-5230 on https://apps.topcoder.com
hackerone · 2020-02-24 · CVSS 6.1 · CVE-2018-5230 [MEDIUM]
Hi, I found reflected XSS on https://apps.topcoder.com via error message.
Payload: `%3CIFRAME%20SRC%3D%22javascript%3Aalert%28%27XSS%27%29%22%3E.vm`
Vulnerable link: https://apps.topcoder.com/wiki/labels/%3CIFRAME%20SRC%3D%22javascript%3Aalert('XSS')%22%3E.vm
Steps to reproduce: Create an account and visit the vulnerable URL.
References:
https://www.cvedetails.com/cve/CVE-2018-5230/
https://www.exploit-db.com/exploits/37791
Best regards.
## Impact
Hackers can steal the victim's cookies.