Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1500)

Description

Stored XSS vulnerability in UpdateFieldJson.jspa in JIRA 4.4.3 and GreenHopper before 5.9.8 allows an attacker to inject arbitrary script code.

Remediation

References

Related Vulnerabilities

PHP mail function ASCII control character header spoofing vulnerability

MySQL CVE-2012-1702 Vulnerability (CVE-2012-1702)

Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.37)

WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.14)

WordPress Plugin WordPress Easy Custom Js And Css Cross-Site Scripting (1.1.2)

Severity

Medium

Classification

CVE-2012-1500 CWE-707 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities