Skip to main content

Jira CVE-2026-1466

MEDIUM
Cross-site Scripting (XSS) (CWE-79)
2026-01-28 cve@gitlab.com
6.1
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.1 MEDIUM
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

3
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
Patch released
Feb 12, 2026 - 20:43 nvd
Patch available
CVE Published
Jan 28, 2026 - 07:16 nvd
MEDIUM 6.1

DescriptionCVE.org

Jirafeau normally prevents browser preview for text files due to the possibility that for example SVG and HTML documents could be exploited for cross site scripting. This was done by storing the MIME type of a file and allowing only browser preview for MIME types beginning with image (except for image/svg+xml, see CVE-2022-30110, CVE-2024-12326 and CVE-2025-7066), video and audio. However, it was possible to bypass this check by sending a manipulated HTTP request with an invalid MIME type like image. When doing the preview, the browser tries to automatically detect the MIME type resulting in detecting SVG and possibly executing JavaScript code. To prevent this, MIME sniffing is disabled by sending the HTTP header X-Content-Type-Options: nosniff.

AnalysisAI

Jirafeau's MIME type validation can be bypassed by sending crafted HTTP requests with invalid MIME types, allowing attackers to trigger browser-based MIME sniffing that may execute malicious JavaScript embedded in SVG or HTML files. An unauthenticated remote attacker can exploit this through a simple network request requiring user interaction to view a malicious preview. A patch is available and the vulnerability affects Jirafeau and related products.

Technical ContextAI

Classified as CWE-79 (Cross-site Scripting (XSS)). Affects Jirafeau. Jirafeau normally prevents browser preview for text files due to the possibility that for example SVG and HTML documents could be exploited for cross site scripting. This was done by storing the MIME type of a file and allowing only browser preview for MIME types beginning with image (except for image/svg+xml, see CVE-2022-30110, CVE-2024-12326 and CVE-2025-7066), video and audio. However, it was possible to bypass this check by sending a manipulated HTTP request with an invalid MIME type like i

RemediationAI

A vendor patch is available — apply it immediately. Implement output encoding and Content Security Policy headers. Restrict network access to the affected service where possible.

More in Jira

View all
CVE-2012-2926 CRITICAL POC
9.1 May 22

Atlassian JIRA before 5.0.1; Confluence before 3.5.16, 4.0 before 4.0.7, and 4.1 before 4.1.10; FishEye and Crucible bef

CVE-2014-2314 MEDIUM POC
4.3 Mar 09

Directory traversal vulnerability in the Issue Collector plugin in Atlassian JIRA before 6.0.4 allows remote attackers t

CVE-2017-5983 CRITICAL POC
9.8 Apr 10

The JIRA Workflow Designer Plugin in Atlassian JIRA Server before 6.3.0 improperly uses an XML parser and deserializer,

CVE-2019-8442 HIGH POC
7.5 May 22

The CachingResourceDownloadRewriteRule class in Jira before version 7.13.4, and from version 8.0.0 before version 8.0.4,

CVE-2016-6285 MEDIUM POC
6.1 Jan 31

Cross-site scripting (XSS) vulnerability in includes/decorators/global-translations.jsp in Atlassian JIRA before 7.2.2 a

CVE-2021-26078 MEDIUM POC
6.1 Jun 07

The number range searcher component in Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before

CVE-2019-3402 MEDIUM POC
6.1 May 22

The ConfigurePortalPages.jspa resource in Jira before version 7.13.3 and from version 8.0.0 before version 8.1.1 allows

CVE-2018-5230 MEDIUM POC
6.1 May 14

The issue collector in Atlassian Jira before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0

CVE-2019-16541 CRITICAL
9.9 Nov 21

Jenkins JIRA Plugin 3.0.10 and earlier does not declare the correct (folder) scope for per-folder Jira site definitions,

CVE-2020-14172 CRITICAL
9.8 Jul 03

This issue exists to document that a security improvement in the way that Jira Server and Data Center use velocity templ

CVE-2025-57681 MEDIUM POC
5.4 Jan 21

The WorklogPRO - Timesheets for Jira plugin in Jira Data Center before version 4.23.6-jira10 and before version 4.23.5-j

CVE-2020-14181 MEDIUM POC
5.3 Sep 17

Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Infor

Share

CVE-2026-1466 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy