Description

The two-dimensional filter statistics gadget in Atlassian Jira before version 7.6.10, from version 7.7.0 before version 7.12.4, and from version 7.13.0 before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a saved filter when displayed on a Jira dashboard.

Remediation

References

CVE-2018-13403

Related Vulnerabilities

MySQL CVE-2021-2072 Vulnerability (CVE-2021-2072)

Oracle Application Server CVE-2006-0287 Vulnerability (CVE-2006-0287)

WordPress Plugin Fonts-Google Fonts Typography Cross-Site Scripting (3.0.2)

WordPress Plugin SEO Redirection-301 Redirect Manager SQL Injection (8.1)

WordPress Plugin WordPress File Upload Multiple Vulnerabilities (2.7.6)

Severity

Medium

Classification

CVE-2018-13403 CWE-707

Tags

Missing Update Known Vulnerabilities