CVE-2022-32274

CVE-2022-32274

EPSS 0.5%

The Transition Scheduler add-on 6.5.0 for Atlassian Jira is prone to stored XSS via the project name to the creation function.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://marketplace.atlassian.com/apps/37456/the-scheduler?hosting=server&tab=overview https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-040.txt