WEB APPLICATION VULNERABILITIES Standard & Premium

Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-4318)

Description

Atlassian JIRA Server before 7.1.9 has XSS in project/ViewDefaultProjectRoleActors.jspa via a role name.

Remediation

References

Related Vulnerabilities

MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-19202)

WordPress Plugin Deeper Comments Security Bypass (2.1.1)

MySQL CVE-2019-2819 Vulnerability (CVE-2019-2819)

IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-9973)

MySQL CVE-2017-3468 Vulnerability (CVE-2017-3468)

Severity

Medium

Classification

CVE-2016-4318 CWE-707

Tags

Missing Update Known Vulnerabilities