CVE-2020-14166 vulnerability in Atlassian Products
Published on July 1, 2020

The /servicedesk/customer/portals resource in Jira Service Desk Server and Data Center before version 4.10.0 allows remote attackers with project administrator privileges to inject arbitrary HTML or JavaScript names via an Cross Site Scripting (XSS) vulnerability by uploading a html file.

NVD

Products Associated with CVE-2020-14166

Want to know whenever a new CVE is published for Atlassian products? stack.watch will email you.

Atlassian Jira

Atlassian Jira Software Data Center

Atlassian Jira Service Desk

Affected Versions

Atlassian Jira Service Desk Server and Data Center:

Version unspecified and below 4.10.0 is affected.

Exploit Probability

EPSS

0.76%

Percentile

73.06%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-14166 vulnerability in Atlassian ProductsPublished on July 1, 2020

Products Associated with CVE-2020-14166

Affected Versions

Exploit Probability

CVE-2020-14166 vulnerability in Atlassian Products
Published on July 1, 2020