Description
Cross-site scripting (XSS) vulnerability in secure/admin/user/views/deleteuserconfirm.jsp in the Admin Panel in Atlassian JIRA before 6.0.5 allows remote attackers to inject arbitrary web script or HTML via the name parameter to secure/admin/user/DeleteUser!default.jspa.
Remediation
References
Related Vulnerabilities
WordPress Plugin Buddypress Component Stats Local File Inclusion (1.0)
WordPress Plugin Advanced Custom Fields (ACF) Multiple Security Bypass Vulnerabilities (5.10.2)
WordPress Plugin WP Bannerize 'ajax_sorter.php' SQL Injection (2.8.7)
WordPress Plugin WooCommerce Blocks SQL Injection (5.5.0)
Grafana URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-29170)