Description
The Trello board importer resource in Atlassian Jira before version 7.6.1 allows remote attackers who can convince a Jira administrator to import their Trello board to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the title of a Trello card.
Remediation
References
Related Vulnerabilities
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-3278)
Contao Improper Encoding or Escaping of Output Vulnerability (CVE-2019-19714)
MySQL CVE-2021-2212 Vulnerability (CVE-2021-2212)
WordPress Plugin Good LMS-Learning Management System SQL Injection (2.1.4)
MediaWiki Resource Management Errors Vulnerability (CVE-2015-8002)