CVE-2022-32274

CVE-2022-32274

EPSS 0.5%

The Transition Scheduler add-on 6.5.0 for Atlassian Jira is prone to stored XSS via the project name to the creation function.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://marketplace.atlassian.com/apps/37456/the-scheduler?hosting=server&tab=overview https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-040.txt