WEB APPLICATION VULNERABILITIES Standard & Premium

Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-4318)

Description

Atlassian JIRA Server before 7.1.9 has XSS in project/ViewDefaultProjectRoleActors.jspa via a role name.

Remediation

References

Related Vulnerabilities

silverstripeCMS Other Vulnerability (CVE-2015-5062)

Zikula Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-3352)

WordPress Plugin Image Gallery with Slideshow Multiple Vulnerabilities (1.5.2)

WordPress Plugin TAKETIN To WP Membership PHP Object Injection (1.2.7)

Drupal Improper Input Validation Vulnerability (CVE-2016-9452)

Severity

Medium

Classification

CVE-2016-4318 CWE-707

Tags

Missing Update Known Vulnerabilities