CVE-2016-4318

4.8MEDIUM

Key Information:

Vendor: Atlassian
Status: Atlassian Jira Server Before 7.1.9
Vendor: CVE Published:; 10 April 2017

Summary

Atlassian JIRA Server before 7.1.9 has XSS in project/ViewDefaultProjectRoleActors.jspa via a role name.

Affected Version(s)

Atlassian JIRA Server before 7.1.9 Atlassian JIRA Server before 7.1.9

References

https://jira.atlassian.com/browse/JRA-61861

x_refsource_MISC

https://jira.atlassian.com/secure/ReleaseNote.jspa?projec...

x_refsource_MISC

https://jira.atlassian.com/browse/JRASERVER-61861

x_refsource_MISC

CVSS V3.1

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Apr 10, 2017
Vulnerability Reserved
Apr 27, 2016

.