Ttpsc: >> The Scheduler Security Vulnerabilities
The Transition Scheduler add-on 6.5.0 for Atlassian Jira is prone to stored XSS via the project name to the creation function.
CVSS Score
5.4
EPSS Score
0.017
Published
2022-07-13
The Transition Technologies "The Scheduler" app 5.1.3 for Jira allows XXE due to a weakly configured/parameterized XML parser. It was fixed in the versions 5.2.1 and 3.3.7
CVSS Score
7.5
EPSS Score
0.003
Published
2019-08-07