id: CVE-2018-5230 info: name: Atlassian Jira Confluence - Cross-Site Scripting author: madrobot severity: medium description: | Atlassian Jira Confluence before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0 before version 7.8.4, and from version 7.9.0 before version 7.9.2, allows remote attackers to inject arbitrary HTML or JavaScript via a cross-site scripting vulnerability in the error message of custom fields when an invalid value is specified. impact: | Successful exploitation of this vulnerability could allow an attacker to execute arbitrary script code in the context of the targeted user's browser, potentially leading to session hijacking, data theft, or other malicious activities. remediation: | Apply the latest security patches or updates provided by Atlassian to mitigate this vulnerability. reference: - https://jira.atlassian.com/browse/JRASERVER-67289 - https://nvd.nist.gov/vuln/detail/CVE-2018-5230 - https://github.com/sushantdhopat/JIRA_testing - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/Faizee-Asad/JIRA-Vulnerabilities classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-5230 cwe-id: CWE-79 epss-score: 0.00153 epss-percentile: 0.51584 cpe: cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: atlassian product: jira shodan-query: - http.component:"Atlassian Confluence" - http.component:"atlassian jira" - http.component:"atlassian confluence" - cpe:"cpe:2.3:a:atlassian:jira" tags: cve,cve2018,atlassian,confluence,xss http: - method: GET path: - "{{BaseURL}}/pages/includes/status-list-mo%3Ciframe%20src%3D%22javascript%3Aalert%28document.domain%29%22%3E.vm" matchers-condition: and matchers: - type: word part: body words: - '