CVE-2021-27222 Information
Jun 07, 2022
cve
Description
In the \Time in Status\ app before 4.13.0 for Jira remote authenticated attackers can cause Stored XSS.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Reference
https://dev.obss.com.tr/confluence/display/MD/2021-02-25+Time+in+Status+for+Jira+Server+and+Data+Center+Security+Advisory https://dev.obss.com.tr/jira/browse/APDTIS-1097?src=confmacro https://marketplace.atlassian.com/apps/1211756/time-in-status/version-history
Attack Complexity
LOW
Privileges Required
LOW
User Interaction Required
LOW
Scope
REQUIRED
Confidentiality Impact
CHANGED
Integrity Impact
LOW
Availability Impact
LOW
Base Score
NONE
Base Severity
5.4
Share on: