Atlassian: >> Jira >> 8.9.0 Security Vulnerabilities
The quick search component in Atlassian Jira Server and Data Center before 8.9.1 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability
CVSS Score
6.1
EPSS Score
0.003
Published
2020-07-01
Versions before 8.9.1, Various resources in Jira responded with a 404 instead of redirecting unauthenticated users to the login page, in some situations this may have allowed unauthorised attackers to determine if certain resources exist or not through an Information Disclosure vulnerability.
CVSS Score
5.3
EPSS Score
0.005
Published
2020-06-23
Page 3