Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-4318)

Description

Atlassian JIRA Server before 7.1.9 has XSS in project/ViewDefaultProjectRoleActors.jspa via a role name.

Remediation

References

Related Vulnerabilities

WordPress Plugin Live Product Editor for WooCommerce Security Bypass (4.6.2)

WordPress Plugin Site Import Remote File Inclusion (1.0.1)

Cherokee Improper Authentication Vulnerability (CVE-2014-4668)

SharePoint CVE-2024-38227 Vulnerability (CVE-2024-38227)

WordPress Plugin All Video Gallery SQL Injection (1.2)

Severity

Medium

Classification

CVE-2016-4318 CWE-707

Tags

Missing Update Known Vulnerabilities