Description
Affected versions are: Before 8.5.5, and from 8.6.0 before 8.8.1 of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the XML export view.
Affected products
- Atlassian / Jira Server and Data Centerunspecified – 8.5.5
- Atlassian / Jira Server and Data Center8.6.0 – unspecified
- Atlassian / Jira Server and Data Centerunspecified – 8.8.1