Jira Cross Site Scripting And Information Disclosure Vulnerabilities Network Vulnerability

Summary

Jira is prone to multiple cross-site scripting vulnerabilities and an information disclosure vulnerability because the application fails to sufficiently sanitize user-supplied input. Attackers can exploit these issues to obtain sensitive information, steal cookie-based authentication information, and execute arbitrary client-side scripts in the context of the browser. Jira 4.01 is vulnerable other versions may also be affected.

References

http://www.atlassian.com/software/jira/
https://www.securityfocus.com/bid/42025

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

AeroMail Cross Site Request Forgery, HTML Injection and Cross Site Scripting Vulnerabilities
Apache mod_proxy_ajp Information Disclosure Vulnerability
Alt-N WebAdmin Remote Source Code Information Disclosure Vulnerability
Apache Web Server ETag Header Information Disclosure Weakness
Advantech WebAccess Multiple Stack Based Buffer Overflow Vulnerabilities

Jira Cross Site Scripting and Information Disclosure Vulnerabilities

Take action and discover your vulnerabilities