PT-2023-22700 · Unknown · Teamlead Reminder

Sven Schlüter +1 · Published 2023-06-16 · Updated 2024-12-12 · CVE-2023-30453

CVSS v3.1: 5.4 Medium
Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: Teamlead Reminder plugin for Jira versions through 2.6.5

Description: The issue allows persistent XSS via the message parameter. This can lead to malicious scripts being executed on the client side, potentially compromising user data or taking control of user sessions.

Recommendations: For versions through 2.6.5, to prevent exploitation, consider disabling the plugin until a patch is available. Restrict access to the plugin's functionality to minimize the risk of XSS attacks. Avoid using the message parameter in the affected plugin until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Weakness Enumeration

Related Identifiers: CVE-2023-30453

Affected Products: Teamlead Reminder