WEB APPLICATION VULNERABILITIES Standard & Premium

Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1500)

Description

Stored XSS vulnerability in UpdateFieldJson.jspa in JIRA 4.4.3 and GreenHopper before 5.9.8 allows an attacker to inject arbitrary script code.

Remediation

References

Related Vulnerabilities

WordPress Plugin Arigato Autoresponder and Newsletter Multiple Unspecified Vulnerabilities (2.4.2)

WordPress Plugin Securimage-WP-Fixed Cross-Site Scripting (3.5.4)

Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-9691)

MySQL CVE-2020-2812 Vulnerability (CVE-2020-2812)

WordPress Plugin Simple Photo Gallery SQL Injection (1.7.9)

Severity

Medium

Classification

CVE-2012-1500 CWE-707 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities