Unrated severityNVD Advisory· Published Aug 20, 2013· Updated Jun 16, 2026
CVE-2013-5319
CVE-2013-5319
Description
Cross-site scripting (XSS) vulnerability in secure/admin/user/views/deleteuserconfirm.jsp in the Admin Panel in Atlassian JIRA before 6.0.5 allows remote attackers to inject arbitrary web script or HTML via the name parameter to secure/admin/user/DeleteUser!default.jspa.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:*range: <=6.0.4
- cpe:2.3:a:atlassian:jira:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira:6.0.3:*:*:*:*:*:*:*
- (no CPE)range: <6.0.5
Patches
Vulnerability mechanics
References
8- cxsecurity.com/issue/WLB-2013080065nvdExploit
- packetstormsecurity.com/files/122721nvdExploit
- secunia.com/advisories/54417nvdVendor Advisory
- www.securityfocus.com/bid/61647nvd
- www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5151.phpnvd
- jira.atlassian.com/browse/JRA/fixforversion/33790nvd
- jira.atlassian.com/invd
- jira.atlassian.com/secure/ReleaseNote.jspanvd
News mentions
0No linked articles in our index yet.