cbcvebase.
CVE-2020-4021
published 2020-06-01

CVE-2020-4021: Affected versions are: Before 8.5.5, and from 8.6.0 before 8.8.1 of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or…

medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
Affected versions are: Before 8.5.5, and from 8.6.0 before 8.8.1 of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the XML export view.

Affected

9 ranges
VendorProductVersion rangeFixed in
atlassianjira< 7.13.167.13.16
atlassianjira_data_center>= 8.0.0 < 8.5.58.5.5
atlassianjira_data_center>= 8.6.0 < 8.8.18.8.1
atlassianjira_server>= 8.0.0 < 8.5.58.5.5
atlassianjira_server>= 8.6.0 < 8.8.18.8.1
atlassianjira_server_and_data_center>= 8.6.0 < unspecifiedunspecified
atlassianjira_server_and_data_center>= unspecified < 8.5.58.5.5
atlassianjira_server_and_data_center>= unspecified < 8.8.18.8.1
atlassianjira_software_data_center< 7.13.167.13.16