Site icon API Security Blog

Atlassian Jira Service Desk 4.7.1 < 4.10.0 Cross-Site Scripting In API and Integrations

According to its self-reported version number, the Atlassian Jira Service Desk application running on the remote host is version 4.7.x prior to 4.10.0. It is, therefore, affected by a flaw which may permit a remote attacker to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in API and Integrations.nn Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.Read More

Exit mobile version