N/A

The Editor plugin in Atlassian Jira Server and Data Center before version 8.5.18, from 8.6.0 before 8.13.10, and from version 8.14.0 before 8.18.2 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the handling of supplied content such as from a PDF when pasted into a field such as the description field.

N/A

N/A

Atlassian Jira 跨站脚本漏洞

Atlassian Jira是澳大利亚Atlassian公司的一套缺陷跟踪管理系统。该系统主要用于对工作中各类问题、缺陷进行跟踪管理。 Atlassian Jira Server 和Data Center 8.5.18之前版本, 8.6.0 至 8.13.10之前版本, 8.14.0 至 8.18.2之前版本的Editor插件存在安全漏洞，攻击者可利用该漏洞注入任意HTML或JavaScript

N/A

N/A