Description
The Trello board importer resource in Atlassian Jira before version 7.6.1 allows remote attackers who can convince a Jira administrator to import their Trello board to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the title of a Trello card.
Remediation
References
Related Vulnerabilities
Joomla! Core 3.0.0 Cross-Site Scripting (3.0.0)
WordPress Plugin VDZ VERIFICATION (Custom Meta Tags) Cross-Site Scripting (1.3.12)
Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-11322)
WordPress Plugin WP Debugging Security Bypass (2.10.2)
WordPress Plugin SpeakOut! Email Petitions Cross-Site Scripting (2.13.2)