Unrated severityNVD Advisory· Published Feb 13, 2019· Updated Sep 16, 2024
CVE-2018-20232
CVE-2018-20232
Description
The labels widget gadget in Atlassian Jira before version 7.6.11 and from version 7.7.0 before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the rendering of retrieved content from a url location that could be manipulated by the up_projectid widget preference setting.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- www.securityfocus.com/bid/107023mitrevdb-entryx_refsource_BID
- jira.atlassian.com/browse/JRASERVER-68614mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.