Stored XSS in Project Field at Share Settings Panel

Description

A stored XSS vulnerability has been identified in the "Project" field shown when creating an external share for a project in Jira: if the project name includes an XSS payload, arbitrary JavaScript is executed in other users' browsers.

Initially, a low-privilege user in Jira created a Team-Managed project with the following payload embedded in the project name:

Steps to Reproduce

  1. Log in to Jira as a user with lower privileges.

  2. Create a Team-Managed project and navigate to project settings > details.

  3. Update the project name to bugcrowd'"><h1>bugcrowd</h1><img src=x onerror=alert(document.domain)>.

  4. Log in as a Jira administrator.

  5. Install the "External Share for Jira" app.

  6. After installation, go to apps > external share.

  7. Select create External share, choose board and search for bugcrowd.

  8. Observe that the payload is executed whenever a user accesses the vulnerable page.
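The payload in step 3 opens with '"> so that it breaks out of a quoted attribute as well as injecting elements into the body. The sketch below is an added example, not code from Jira or the External Share app: it renders that stored project name into a search-result row with and without output encoding. The function names, the data-project-name attribute and the row markup are assumptions, and the tag counter is a crude regex check, not an HTML parser.

```javascript
// Added illustration; not code from Jira or the External Share app.
// Hypothetical names: escapeHtml, renderUnsafe, renderSafe, data-project-name.

const HTML_ESCAPES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#39;",
};

// Encode the five characters that can change HTML parsing in element-body
// and quoted-attribute contexts.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: the stored project name is concatenated into markup.
function renderUnsafe(projectName) {
  return `<li class="result" data-project-name="${projectName}">${projectName}</li>`;
}

// Hardened pattern: encode at the point of output, for every sink.
function renderSafe(projectName) {
  const encoded = escapeHtml(projectName);
  return `<li class="result" data-project-name="${encoded}">${encoded}</li>`;
}

// Project name from step 3 of the report.
const storedName =
  `bugcrowd'"><h1>bugcrowd</h1><img src=x onerror=alert(document.domain)>`;

// Count element start tags in the markup; a correct row has exactly one (<li>).
function countStartTags(markup) {
  return (markup.match(/<[a-zA-Z][^>]*>/g) || []).length;
}

console.log("unsafe start tags:", countStartTags(renderUnsafe(storedName)));
console.log("safe start tags:  ", countStartTags(renderSafe(storedName)));
```

In browser code, assigning the name through textContent and setAttribute avoids building markup from stored data at all.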

Activity

Polina Naumenko 28 June 2024, 11:34

withdrawn due to a duplicate: