216.73.216.67

CVE-2025-25363

· Published 13/03/2025 18:15 · Modified 13/03/2025 18:15

Labels: CVE-2025-25363 2025-03-13CVE-2025-25363[email protected]

Essential information

Published
13/03/2025 18:15
Modified
13/03/2025 18:15
Author
Creator
CISA KEV
No
CWE

Description

An authenticated stored cross-site scripting (XSS) vulnerability in The Plugin People Enterprise Mail Handler for Jira Data Center (JEMH) before v4.1.69-dc allows attackers with Administrator privileges to execute arbitrary Javascript in context of a user's browser via injecting a crafted payload into the HTML field of a template.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
the plugin people / enterprise mail handler cpe:2.3:a:the_plugin_people:enterprise_mail_handler:*:*:*:*:*:jira:*:*

References