Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Atlassian | Jira Service Management Server | affected |
|
||||||
| Atlassian | Jira Service Management Data Center | affected |
|
Configuration 1 [-]
|
No data.
No data available yet.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2021-30805 | Affected versions of Atlassian Jira Service Management Server and Data Center allow attackers with administrator privileges to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the "Object Schema" field of /secure/admin/InsightDefaultCustomFieldConfig.jspa. The affected versions are before version 4.21.0. |
| Link | Providers |
|---|---|
| https://jira.atlassian.com/browse/JSDSERVER-10980 |
|
Mon, 07 Oct 2024 19:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: atlassian
Published:
Updated: 2024-10-04T18:12:24.195Z
Reserved: 2021-11-16T00:00:00.000Z
Link: CVE-2021-43943
Vulnrichment
Updated: 2024-08-04T04:10:17.129Z
NVD
Status : Modified
Published: 2022-02-24T05:15:09.537
Modified: 2024-11-21T06:30:03.193
Link: CVE-2021-43943
Redhat
No data.
OpenCVE Enrichment
No data.