Description Atlassian JIRA Server before 7.1.9 has XSS in project/ViewDefaultProjectRoleActors.jspa via a role name. Remediation References CVE-2016-4318 Related Vulnerabilities silverstripeCMS Other Vulnerability (CVE-2015-5062) Zikula Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-3352) WordPress Plugin Image Gallery with Slideshow Multiple Vulnerabilities (1.5.2) WordPress Plugin TAKETIN To WP Membership PHP Object Injection (1.2.7) Drupal Improper Input Validation Vulnerability (CVE-2016-9452) Severity Medium Classification CVE-2016-4318 CWE-707 Tags Missing Update Known Vulnerabilities