WEB APPLICATION VULNERABILITIES Standard & Premium

Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-4318)

Description

Atlassian JIRA Server before 7.1.9 has XSS in project/ViewDefaultProjectRoleActors.jspa via a role name.

Remediation

References

Related Vulnerabilities

Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4563)

WordPress Plugin ProPlayer 'pp_playlist_id' Parameter SQL Injection (4.7.7)

Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-5319)

OpenSSL Cryptographic Issues Vulnerability (CVE-2011-4108)

WordPress Plugin Google Doc Embedder SQL Injection (2.5.16)

Severity

Medium

Classification

CVE-2016-4318 CWE-707

Tags

Missing Update Known Vulnerabilities