CVE-2022-32567

Name of the Vulnerable Software and Affected Versions Appfire Jira Misc Custom Fields (JMCF) app version 2.4.6

Description The issue allows for XSS via a crafted project name to the Add Auto Indexing Rule function. This can be exploited by sending a malicious project name, potentially leading to the execution of unauthorized code.

Recommendations For version 2.4.6, consider disabling the Add Auto Indexing Rule function until a patch is available to prevent potential XSS attacks. Restrict access to this function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.