CVE-2022-32567

CVE-2022-32567

EPSS 0.5%

The Appfire Jira Misc Custom Fields (JMCF) app 2.4.6 for Atlassian Jira allows XSS via a crafted project name to the Add Auto Indexing Rule function.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://marketplace.atlassian.com/apps/27136/jira-misc-custom-fields-jmcf?hosting=server&tab=overview https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-039.txt