Описание
An authenticated stored cross-site scripting (XSS) vulnerability in The Plugin People Enterprise Mail Handler for Jira Data Center (JEMH) before v4.1.69-dc allows attackers with Administrator privileges to execute arbitrary Javascript in context of a user's browser via injecting a crafted payload into the HTML field of a template.
Уязвимые конфигурации
Конфигурация 1Версия от 4.1.53-dc (включая) до 4.1.69-dc (исключая)
cpe:2.3:a:thepluginpeople:enterprise_mail_handler:*:*:*:*:*:jira:*:*
EPSS
Процентиль: 21%
0.00068
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-80
Связанные уязвимости
CVSS3: 6.5
github
11 месяцев назад
An authenticated stored cross-site scripting (XSS) vulnerability in The Plugin People Enterprise Mail Handler for Jira Data Center (JEMH) before v4.1.69-dc allows attackers with Administrator privileges to execute arbitrary Javascript in context of a user's browser via injecting a crafted payload into the HTML field of a template.
EPSS
Процентиль: 21%
0.00068
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-80