CVE-2019-20416
published 2020-06-30CVE-2019-20416: Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS)…
medium4.8CVSS 3.1
AVNACLPRHUIRSCCLILAN
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the project configuration feature. The affected versions are before version 8.3.0.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| atlassian | jira | < 8.3.0 | 8.3.0 |
| atlassian | jira_server | >= unspecified < 8.3.0 | 8.3.0 |
| atlassian | jira_software_data_center | < 8.3.0 | 8.3.0 |