Cross-site scripting (XSS) vulnerability in 500page.jsp in JIRA Enterprise Edition before 3.12.1 allows remote attackers to inject arbitrary web script or HTML, which is not properly handled when generating error messages, as demonstrated by input originally sent in the URI to secure/CreateIssue. NOTE: some of these details are obtained from third party information.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2008-01-03T23:00:00
Updated: 2008-01-09T10:00:00
Reserved: 2008-01-03T00:00:00
Link: CVE-2007-6617
JSON object: View
NVD Information
Status : Modified
Published: 2008-01-03T23:46:00.000
Modified: 2008-11-15T07:05:33.780
Link: CVE-2007-6617
JSON object: View
Redhat Information
No data.
CWE