Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in secure/admin/user/views/deleteuserconfirm.jsp in the Admin Panel in Atlassian JIRA before 6.0.5 allows remote attackers to inject arbitrary web script or HTML via the name parameter to secure/admin/user/DeleteUser!default.jspa.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Atlassian JIRA ’name‘参数跨站脚本漏洞
Vulnerability Description
Atlassian JIRA是澳大利亚Atlassian公司的一套缺陷跟踪管理系统。该系统主要用于对工作中各类问题、缺陷进行跟踪管理。 Atlassian JIRA 6.0.4及之前的版本中的Admin Panel中的secure/admin/user/views/deleteuserconfirm.jsp脚本中存在跨站脚本漏洞。远程攻击者可通过向secure/admin/user/DeleteUser!default.jspa地址传送‘name’参数,利用该漏洞注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A