Description Atlassian JIRA Server before 7.1.9 has XSS in project/ViewDefaultProjectRoleActors.jspa via a role name. Remediation References CVE-2016-4318 Related Vulnerabilities WebLogic Improper Certificate Validation Vulnerability (CVE-2021-3450) Oracle HTTP Server Use After Free Vulnerability (CVE-2019-10082) OpenSSL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2014-3509) WordPress Plugin Admin Bar User Switching Cross-Site Scripting (1.0.4) Joomla! Core Multiple Vulnerabilities (2.5.0 - 3.10.6) Severity Medium Classification CVE-2016-4318 CWE-707 Tags Missing Update Known Vulnerabilities