N/A

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to inject arbitrary HTML or JavaScript via a Reflected Cross-Site Scripting (RXSS) vulnerability in the TeamManagement.jspa endpoint. The affected versions are before version 8.20.8.

N/A

N/A

Atlassian Jira 跨站脚本漏洞

Atlassian Jira是澳大利亚Atlassian公司的一套缺陷跟踪管理系统。该系统主要用于对工作中各类问题、缺陷进行跟踪管理。 Atlassian Jira Server and Data Center 8.20.8之前的版本存在安全漏洞，该漏洞源于其TeamManagement.jspa端点允许匿名的远程攻击者通过反射型跨站脚本注入任意的HTML或JavaScript。

N/A

N/A