Vulnerability Details CVE-2022-32567
The Appfire Jira Misc Custom Fields (JMCF) app 2.4.6 for Atlassian Jira allows XSS via a crafted project name to the Add Auto Indexing Rule function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.7%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
- https://marketplace.atlassian.com/apps/27136/jira-misc-custom-fields-jmcf?hosting=server&tab=overview
- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-039.txt
- https://marketplace.atlassian.com/apps/27136/jira-misc-custom-fields-jmcf?hosting=server&tab=overview
- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-039.txt
Products affected by CVE-2022-32567
-
cpe:2.3:a:appfire:jira_misc_custom_fields:2.4.6