Unrated severityNVD Advisory· Published Feb 24, 2022· Updated Oct 4, 2024
CVE-2021-43943
CVE-2021-43943
Description
Affected versions of Atlassian Jira Service Management Server and Data Center allow attackers with administrator privileges to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the "Object Schema" field of /secure/admin/InsightDefaultCustomFieldConfig.jspa. The affected versions are before version 4.21.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3<4.21.0+ 2 more
- (no CPE)range: <4.21.0
- (no CPE)range: unspecified
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
1- jira.atlassian.com/browse/JSDSERVER-10980mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.