Persistent XSS Vulnerability in Gantt-Chart Module for Jira

Persistent XSS Vulnerability in Gantt-Chart Module for Jira

CVE-2020-15944 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

An issue was discovered in the Gantt-Chart module before 5.5.5 for Jira. Due to missing validation of user input, it is vulnerable to a persistent XSS attack. An attacker can embed the attack vectors in the dashboard of other users. To exploit this vulnerability, an attacker has to be authenticated.

Learn more about our User Device Pen Test.