CVE-2010-1164 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in Atlassian JIRA 3.12 through 4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) element or (2) defaultColor parameter to the Colour Picker page; the (3) formName parameter (4) element parameter or (5) full name field to the User Picker page; the (6) formName parameter (7) element parameter or (8) group name field to the Group Picker page; the (9) announcement_preview_banner_st parameter to unspecified components related to the Announcement Banner Preview page; unspecified vectors involving the (10) groupnames.jsp (11) indexbrowser.jsp (12) classpath-debug.jsp (13) viewdocument.jsp or (14) cleancommentspam.jsp page; the (15) portletKey parameter to runportleterror.jsp; the (16) URI to issuelinksmall.jsp; the (17) afterURL parameter to screenshot-redirecter.jsp; or the (18) HTTP Referrer header to 500page.jsp as exploited in the wild in April 2010.

Reference

http://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2010-04-16 http://jira.atlassian.com/browse/JRA-20994 http://jira.atlassian.com/browse/JRA-21004 http://secunia.com/advisories/39353 http://www.openwall.com/lists/oss-security/2010/04/16/3 http://www.openwall.com/lists/oss-security/2010/04/16/4 http://www.securityfocus.com/bid/39485 https://exchange.xforce.ibmcloud.com/vulnerabilities/57826 https://exchange.xforce.ibmcloud.com/vulnerabilities/57827