Atlassian Jira Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2020-36234 - Vulnerability Database

Atlassian Jira Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2020-36234

Medium
Reference: CVE-2020-36234
Title: Atlassian Jira Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the Screens Modal view. The affected versions are before version 8.5.11 from version 8.6.0 before 8.13.3 and from version 8.14.0 before 8.15.0.