Description

The two-dimensional filter statistics gadget in Atlassian Jira before version 7.6.10, from version 7.7.0 before version 7.12.4, and from version 7.13.0 before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a saved filter when displayed on a Jira dashboard.

Remediation

References

CVE-2018-13403

Related Vulnerabilities

WordPress Plugin WooCommerce Information Disclosure (4.5.2)

MySQL CVE-2014-6474 Vulnerability (CVE-2014-6474)

WordPress Plugin EU Cookie Law for GDPR/CCPA Cross-Site Scripting (3.1.6)

WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.21)

OpenSSL 7PK - Security Features Vulnerability (CVE-2015-1793)

Severity

Medium

Classification

CVE-2018-13403 CWE-707

Tags

Missing Update Known Vulnerabilities