CVE-2022-32567

CVE-2022-32567

EPSS 0.5%

The Appfire Jira Misc Custom Fields (JMCF) app 2.4.6 for Atlassian Jira allows XSS via a crafted project name to the Add Auto Indexing Rule function.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://marketplace.atlassian.com/apps/27136/jira-misc-custom-fields-jmcf?hosting=server&tab=overview https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-039.txt