CVE-2007-0885

EXPLOITED NUCLEI

Rainbow/Zen - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in jira/secure/BrowseProject.jspa in Rainbow with the Zen (Rainbow.Zen) extension allows remote attackers to inject arbitrary web script or HTML via the id parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by BL4CK · textwebappsjsp
https://www.exploit-db.com/exploits/29576

Nuclei Templates (1)

Jira Rainbow.Zen - Cross-Site Scripting
MEDIUMby geeknik

References (4)

Scores

EPSS 0.0135
EPSS Percentile 80.2%

Details

VulnCheck KEV 2025-06-07
Status published
Products (2)
rainbow_portal/rainbow_with_the_zen
rainbow_portal/rainbow.zen
Published Feb 12, 2007
Tracked Since Feb 18, 2026