CVE-2020-14166

MEDIUM

Jira Service Desk < 4.10.0 - Authenticated Stored Cross-Site Scripting via HTML File Upload


Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-14166. PoCs published by Captain_hook.

AI-analyzed exploit summary: This is a writeup describing an unrestricted file upload vulnerability in Atlassian Jira Service Desk, leading to stored XSS. The exploit involves uploading an HTML or JavaScript file by bypassing file type restrictions in the banner upload feature.

Description

The /servicedesk/customer/portals resource in Jira Service Desk Server and Data Center before version 4.10.0 allows remote attackers with project administrator privileges to inject arbitrary HTML or JavaScript via a Cross Site Scripting (XSS) vulnerability by uploading an HTML file.

Exploits (1)

exploitdb WRITEUP
by Captain_hook · text · webapps · multiple
https://www.exploit-db.com/exploits/49748


Classification
Writeup 90%
Attack Type
XSS
Complexity
Trivial
Reliability
Reliable
Target: Atlassian Jira Service Desk Server and Data Center < 4.10.0
Auth required
Prerequisites: Project administrator privileges · Access to the /servicedesk/customer/portals endpoint
Analyzed by devstral-2 on Feb 16, 2026

References (2)

Core References (2)
Issue Tracking, Vendor Advisory (x_refsource_misc)
https://jira.atlassian.com/browse/JSDSERVER-6895

Scores

CVSS v3 4.8
EPSS 0.0194
EPSS Percentile 77.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-79
Status published
Products (1)
atlassian/jira_service_desk < 4.10.0 (2 CPE variants)
Published Jul 01, 2020
Tracked Since Feb 18, 2026