Description

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the project configuration feature. The affected versions are before version 8.3.0.

Remediation

References

CVE-2019-20416

Related Vulnerabilities

WordPress Plugin XVE Various Embed Multiple Cross-Site Scripting Vulnerabilities (1.0.3)

WordPress Plugin User Activity Log Multiple Cross-Site Scripting Vulnerabilities (1.4.6)

MySQL Improper Access Control Vulnerability (CVE-2015-3152)

WordPress Plugin Party Hall Booking Manager SQL Injection (1.1)

Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2021-27577)

Severity

Medium

Classification

CVE-2019-20416 CWE-707

Tags

Missing Update Known Vulnerabilities