Reflected Cross-Site Scripting Vulnerability in Atlassian Jira Server and Data Center
CVE-2022-36801
6.1MEDIUM
What is CVE-2022-36801?
A serious vulnerability in Atlassian Jira Server and Data Center allows unauthorized attackers to exploit the TeamManagement.jspa endpoint, enabling the injection of arbitrary HTML or JavaScript. This flaw can facilitate a range of attacks, potentially compromising user data and application integrity. Affected users should upgrade to versions 8.20.8 or later to secure their systems against this risk.
Affected Version(s)
Jira Data Center < 8.20.8
Jira Server < 8.20.8