Atlassian Jira WallboardServlet XSS

Description

A cross site scripting (XSS) vulnerability in the cyclePeriod parameter of the WallboardServlet resource in Jira prior to version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript.

Recommendation

• Update Atlassian Jira WallboardServlet to the latest version

Written by

Manindar Mohan

Cyber Security Lead Engineer