CVE-2016-6285 in Jirainformación

Resumen

por MITRE

Cross-site scripting (XSS) vulnerability in includes/decorators/global-translations.jsp in Atlassian JIRA before 7.2.2 allows remote attackers to inject arbitrary web script or HTML via the HTTP Host header.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservar

2016-07-22

Divulgación

2017-01-31

Moderación

aceptado

Artículo

VDB-95457

CPE

listo

CWE

CWE-79 (confirmado)

Explotación

Descargar

CVSS

6.1 (NVD)

EPSS

0.00762

KEV

Actividades

muy bajo

Sector

Hostingprovider, Chemical, ...

Fuentes

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-6285
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-6285
CVE Details	https://www.cvedetails.com/cve/CVE-2016-6285/

◂ Anterior Visión De Conjunto Próximo ▸

Want to know what is going to be exploited?

We predict KEV entries!