CVE-2012-1500: XSS
First published: Thu Feb 13 2020(Updated: )
Stored XSS vulnerability in UpdateFieldJson.jspa in JIRA 4.4.3 and GreenHopper before 5.9.8 allows an attacker to inject arbitrary script code.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Atlassian Greenhopper | <5.9.8 | |
| Atlassian JIRA | =4.4.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2012-1500?
CVE-2012-1500 is classified as a medium severity vulnerability due to the potential for stored XSS attacks.
How do I fix CVE-2012-1500?
To fix CVE-2012-1500, upgrade JIRA to version 4.4.4 or later, and GreenHopper to version 5.9.8 or later.
What types of systems are affected by CVE-2012-1500?
CVE-2012-1500 affects Atlassian JIRA version 4.4.3 and Atlassian GreenHopper versions prior to 5.9.8.
What impact does CVE-2012-1500 have on users?
CVE-2012-1500 allows attackers to inject arbitrary script code, compromising user data and session information.
Is CVE-2012-1500 a widely exploited vulnerability?
While not the most widely exploited vulnerability, CVE-2012-1500 poses a significant risk due to its nature and potential impact.
- collector/nvd-index
- vendor/atlassian
- canonical/atlassian greenhopper
- canonical/atlassian jira
- version/atlassian jira/4.4.3