Description
The CardLayoutConfigTable component in Jira Server and Jira Data Center before version 8.5.15, and from version 8.6.0 before version 8.13.7, and from version 8.14.0 before 8.17.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability.
Remediation
References
Related Vulnerabilities
MySQL CVE-2015-0503 Vulnerability (CVE-2015-0503)
WordPress Plugin Flash Photo Gallery Cross-Site Scripting (0.7)
WordPress Plugin Download from files Arbitrary File Upload (1.48)
YetiForce CRM Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-0269)
PHP hangs on parsing particular strings as floating point number