Description Atlassian JIRA Server before 7.1.9 has XSS in project/ViewDefaultProjectRoleActors.jspa via a role name. Remediation References CVE-2016-4318 Related Vulnerabilities ownCloud Improper Access Control Vulnerability (CVE-2016-9460) WordPress Plugin WP HTML Sitemap Cross-Site Request Forgery (1.2) WordPress Plugin Wholesale Market for WooCommerce Arbitrary File Download (1.0.7) MySQL CVE-2019-2607 Vulnerability (CVE-2019-2607) Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-7919) Severity Medium Classification CVE-2016-4318 CWE-707 Tags Missing Update Known Vulnerabilities