Vulnerability Details CVE-2021-27222
In the "Time in Status" app before 4.13.0 for Jira, remote authenticated attackers can cause Stored XSS.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.4%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
- https://dev.obss.com.tr/confluence/display/MD/2021-02-25+Time+in+Status+for+Jira+Server+and+Data+Center+Security+Advisory
- https://dev.obss.com.tr/jira/browse/APDTIS-1097?src=confmacro
- https://marketplace.atlassian.com/apps/1211756/time-in-status/version-history
- https://dev.obss.com.tr/confluence/display/MD/2021-02-25+Time+in+Status+for+Jira+Server+and+Data+Center+Security+Advisory
- https://dev.obss.com.tr/jira/browse/APDTIS-1097?src=confmacro
- https://marketplace.atlassian.com/apps/1211756/time-in-status/version-history
Products affected by CVE-2021-27222
-
cpe:2.3:a:obss:time_in_status:4.11.0
-
cpe:2.3:a:obss:time_in_status:4.12.0