What is CVE-2022-36801?

CVE-2022-36801 is a vulnerability in Atlassian Jira Data Center. Published 2022-08-10.

Is CVE-2022-36801 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Atlassian Jira Data Center

CVE-2022-36801

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to inject arbitrary HTML or JavaScript via a Reflected Cross-Site Scripting (RXSS) vulnerability in the TeamManagement.jspa endpoint. The affected…

EPSS: 0.005 (64.2th percentile) — read the EPSS interpretation.

Affected products

Atlassian Jira Data Center — versions unspecified
Atlassian Jira Server — versions unspecified

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

jira.atlassian.com/browse/JRASERVER-73740 (x_refsource_MISC)

Frequently asked questions

What is CVE-2022-36801?: CVE-2022-36801 is a vulnerability in Atlassian Jira Data Center. Published 2022-08-10.
Is CVE-2022-36801 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.