{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T08:27:57.452","vulnerabilities":[{"cve":{"id":"CVE-2018-13395","sourceIdentifier":"security@atlassian.com","published":"2018-08-28T12:29:00.353","lastModified":"2024-11-21T03:47:01.240","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Various resources in Atlassian Jira before version 7.6.8, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3 and before version 7.11.1 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the epic colour field of an issue while an issue is being moved."},{"lang":"es","value":"Varios recursos en Atlassian Jira en versiones anteriores a la 7.6.8, desde la versión 7.7.0 hasta antes de la 7.7.5, desde la versión 7.8.0 hasta antes de la 7.8.5, desde la versión 7.9.0 hasta antes de la 7.9.3, desde la versión 7.10.0 hasta antes de la 7.10.3 y antes de la versión 7.11.1 permiten que atacantes remotos inyecten Código HTML o JavaScript arbitrario mediante una vulnerabilidad de Cross-Site Scripting (XSS) en el campo epic colour de un problema mientras se está moviendo un problema."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:*","versionEndExcluding":"7.6.8","matchCriteriaId":"852E5AC8-DEE0-4FC4-ADC3-D4B7D13DD405"},{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.0","versionEndExcluding":"7.7.5","matchCriteriaId":"300D871F-7128-41F1-BCC8-BE7C3687741B"},{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*","versionStartIncluding":"7.8.0","versionEndExcluding":"7.8.5","matchCriteriaId":"A04E4050-271E-4D23-B988-E02D5A651386"},{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*","versionStartIncluding":"7.9.0","versionEndExcluding":"7.9.3","matchCriteriaId":"2A3C3F9E-5BDD-48F3-B45F-9B9C6D31CAE2"},{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*","versionStartIncluding":"7.10.0","versionEndExcluding":"7.10.3","matchCriteriaId":"C568973F-5079-49ED-928D-7F11C842CF4B"},{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*","versionStartIncluding":"7.11.0","versionEndExcluding":"7.11.1","matchCriteriaId":"D18DD515-3135-46E4-A99F-0573882BB098"}]}]}],"references":[{"url":"https://jira.atlassian.com/browse/JRASERVER-67848","source":"security@atlassian.com","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://jira.atlassian.com/browse/JRASERVER-67848","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Vendor Advisory"]}]}}]}