CNNVD-202601-3424 Information
CNNVD ID
CNNVD-202601-3424
Related CVE
- CNNVD Published: 2026-01-21
Description (Chinese)
Atlassian WorklogPRO - Timesheets for Jira是澳大利亚Atlassian公司的一个工作时间管理插件。 Atlassian WorklogPRO - Timesheets for Jira 4.23.6-jira10之前版本和4.23.5-jira9之前版本存在安全漏洞,该漏洞源于允许用户和攻击者通过跨站脚本漏洞注入任意HTML或JavaScript。
Description (English)
Atlas sian WorklogPRO - Timesheets for Jira is a time management plugin for Atlassian in Australia. Atlas sian WorklogPRO - Timesheetes for Jira 4.23.6-jira10 and 4.23.5-jira9 have security gaps that stem from allowing users and attackers to inject any type of HTML or JavaScript through cross-site script loopholes.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Atlassian
Published
2026-01-21
Last Modified
2026-02-24
References
https://marketplace.atlassian.com/apps/1212626/worklogpro-timesheets-for-jira/version-history https://thestarware.atlassian.net/wiki/spaces/WLP/pages/3326574597/Security+Advisory+CVE-2025-57681+-+Stored+XSS+in+WorklogPRO+DC https://access.redhat.com/security/cve/cve-2025-57681
Patch
https://marketplace.atlassian.com/apps/1212626/worklogpro-timesheets-for-jira/version-history
Share on: