Description
The Trello board importer resource in Atlassian Jira before version 7.6.1 allows remote attackers who can convince a Jira administrator to import their Trello board to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the title of a Trello card.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Download Manager Multiple Vulnerabilities (3.1.24)
WordPress Plugin Easy2Map Photos Multiple Vulnerabilities (1.0.9)
Trac URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2008-2951)
WordPress Plugin LeaderBoard Cross-Site Request Forgery (1.1.1)
WordPress Plugin Eventify-Simple Events 'npath' Parameter Remote File Include (1.7.g)