Description

The quick search component in Atlassian Jira Server and Data Center before 8.9.1 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability

Remediation

References

CVE-2020-14169

Related Vulnerabilities

WordPress Plugin Duplicator-WordPress Migration Cross-Site Scripting (0.5.26)

GeoServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23821)

Liferay DXP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-25143)

OpenSSL Resource Management Errors Vulnerability (CVE-2009-4355)

Apache Tomcat Session Fixation Vulnerability (CVE-2019-17563)

Severity

Medium

Classification

CVE-2020-14169 CWE-707

Tags

Missing Update Known Vulnerabilities