CVE-2021-39878 - A stored Reflected Cross-Site Scripting vulnerability in the Jira integration in GitLab version 13.0

CVE-2021-39878

Summary

A stored Reflected Cross-Site Scripting vulnerability in the Jira integration in GitLab version 13.0 up to 14.3.1 allowed an attacker to execute arbitrary javascript code.

References

https://gitlab.com/gitlab-org/gitlab/-/issues/334043
https://hackerone.com/reports/1194254
https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39878.json

Vulnerable Configurations

CVSS

Base:	None
Impact:
Exploitability:

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

Last major update

05-10-2021 - 13:26

Published

05-10-2021 - 13:15

Last modified

05-10-2021 - 13:26