CVE-2022-32274 Information

Description

The Transition Scheduler add-on 6.5.0 for Atlassian Jira is prone to stored XSS via the project name to the creation function.

Reference

https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-040.txt https://marketplace.atlassian.com/apps/37456/the-scheduler?hosting=server&tab=overview