Description
The IncomingMailServers resource in Atlassian Jira from version 6.2.1 before version 7.4.4 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the messagesThreshold parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Testimonial WordPress-AP Custom Testimonial Unspecified Vulnerability (1.4.7)
WordPress Plugin PDW Media File Browser 'upload.php' Arbitrary File Upload (1.1)
Serendipity Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3800)
WordPress Plugin WoWPth Cross-Site Scripting (2.0)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-7833)