Security for everyone

CVE-2018-20824 Scanner

Detects 'Cross-Site Scripting (XSS)' vulnerability in Atlassian Jira affects v. before 7.13.1.


Short Info




Single Scan

Can be used by

Asset Owner

Estimated Time

15 sec

Scan only one


Parent Category

CVE-2018-20824 Scanner Detail

Atlassian Jira is a popular project management tool used by businesses and organizations to track and manage tasks, issues, and projects. It is a highly flexible platform that can be customized to fit the specific needs of different teams, making it a preferred choice for software development, IT, marketing, and other departments.

However, like any other software, Jira is also vulnerable to security threats. One such vulnerability is the CVE-2018-20824, which was detected in Jira versions prior to 7.13.1. This vulnerability allowed remote attackers to inject arbitrary HTML or JavaScript through a cross-site scripting (XSS) attack on the WallboardServlet resource via the cyclePeriod parameter. This could potentially lead to sensitive data theft, unauthorized access, or system hijacking.

If exploited, the CVE-2018-20824 vulnerability can cause significant damage to an organization. Attackers can use this vulnerability to plant malicious code such as keyloggers, malware, and ransomware on the system, which can lead to system-wide compromise, data breach, and loss of sensitive information. Additionally, attackers can manipulate user accounts, gain access to restricted areas, and use the Jira platform as a foothold to access other parts of the network.

In conclusion, the CVE-2018-20824 vulnerability in Atlassian Jira is a serious threat that can potentially cause significant harm to an organization. By taking the necessary precautions and using advanced security tools such as those offered by, businesses can protect themselves from such vulnerabilities and secure their digital assets. With pro features that enable users to scan, monitor, and report on their security posture, provides a comprehensive solution for identifying and mitigating security risks in today's complex threat landscape.



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture