Stored XSS Vulnerability in TechTime User Management Components for Atlassian Products

Stored XSS Vulnerability in TechTime User Management Components for Atlassian Products

CVE-2023-36662 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

The TechTime User Management components for Atlassian products allow stored XSS on the Bulk User Actions page. This affects User Management for Jira 2.0.0 through 2.17.1, User Management for Confluence 2.0.0 through 2.15.24, and User Management for Bitbucket 2.2.2 through 2.15.24.

Learn more about our User Device Pen Test.