0.061 Low
EPSS
Percentile
93.5%
Affected versions of Atlassian Jira Server and Data Center use a version of jQuery that is vulnerable to CVE-2020-11022 and CVE-2020-11023. These allow an unauthenticated attacker to inject Javascript into the application via Cross-Site Scripting (XSS) vulnerabilities.
The affected versions are before version 8.15.0.
Affected versions:
Fixed versions:
CPE | Name | Operator | Version |
---|---|---|---|
jira data center | le | 8.0.0 | |
jira data center | le | 8.5.0 | |
jira data center | le | 8.13.0 | |
jira data center | le | 8.14.0 | |
jira data center | lt | 8.15.0 |
0.061 Low
EPSS
Percentile
93.5%