Description
Cross-site scripting (XSS) vulnerability in secure/admin/user/views/deleteuserconfirm.jsp in the Admin Panel in Atlassian JIRA before 6.0.5 allows remote attackers to inject arbitrary web script or HTML via the name parameter to secure/admin/user/DeleteUser!default.jspa.
Remediation
References
Related Vulnerabilities
WordPress Plugin AnnounceME Cross-Site Scripting (0.3.3)
Apache Tomcat Other Vulnerability (CVE-2002-0682)
Moodle URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-3850)
Oracle JRE CVE-2018-2811 Vulnerability (CVE-2018-2811)
Moodle URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-14882)