Description
The printable searchrequest issue resource in Atlassian Jira before version 7.2.12 and from version 7.3.0 before 7.6.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the jqlQuery query parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Divi Builder PHP Code Injection (4.0.9)
Envoy Proxy Out-of-bounds Write Vulnerability (CVE-2019-18801)
Joomla! Core 1.7.0 Cross-Site Scripting (1.7.0)
WordPress Plugin Auto Publish for Google My Business Cross-Site Scripting (3.3)
WordPress Plugin PhotoSmash Galleries Arbitrary File Upload (1.0.7)