CVE-2007-6618 - Security Bypass Weaknesses in Atlassian JIRA
Attack vector | NETWORK |
Attack complexity | LOW |
Privileges required | NONE |
Confidentiality impact | NONE |
Integrity impact | PARTIAL |
Availability impact | NONE |
Summary
JIRA Enterprise Edition before 3.12.1 allows remote attackers to delete another user's shared filter via a modified filter ID.
Vulnerable Configurations
Nessus
NASL family | CGI abuses : XSS |
NASL id | JIRA_3_12_1.NASL |
description | The Atlassian JIRA installation hosted on the remote web server is affected by a cross-site scripting (XSS) vulnerability due to a failure to properly sanitize user-supplied error messages before being passed to the 500page.jsp script. A remote attacker, using a crafted URL, can exploit this to execute arbitrary code in a user |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 29834 |
published | 2008-01-03 |
reporter | This script is Copyright (C) 2008-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/29834 |
title | Atlassian JIRA 500page.jsp XSS |