Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The WorklogPRO - Jira Timesheets plugin in the Jira Data Center before 4.24.2-jira9, 4.24.2-jira10 and 4.24.2-jira11 allows attackers to inject arbitrary HTML or JavaScript via XSS. This is exploited via a crafted payload placed in the name of a filter. This code is executed in the browser when the user attempts to create a timesheet with the filter timesheet type on the custom timesheet dialog because the filter name is not properly sanitized during the action.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
The Starware WorklogPRO - Jira Timesheets 安全漏洞
Vulnerability Description
The Starware WorklogPRO - Jira Timesheets是土耳其The Starware公司的一个工时记录插件。 The Starware WorklogPRO - Jira Timesheets 4.24.1-jira9、4.24.1-jira10和4.24.1-jira11之前版本存在安全漏洞,该漏洞源于过滤器名称清理不当,可能导致通过特制有效载荷注入任意HTML或JavaScript。
CVSS Information
N/A
Vulnerability Type
N/A