Vulnerabilities > Atlassian > Jira Server > 8.14.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-15 | CVE-2020-36236 | Cross-site Scripting vulnerability in Atlassian products Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the ViewWorkflowSchemes.jspa and ListWorkflows.jspa endpoints. | 6.1 |
| 2021-02-15 | CVE-2020-36234 | Cross-site Scripting vulnerability in Atlassian products Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the Screens Modal view. | 4.8 |