Description
The searchrequest-xml resource in Atlassian Jira before version 7.6.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through various fields.
Remediation
References
Related Vulnerabilities
MySQL CVE-2021-2278 Vulnerability (CVE-2021-2278)
MediaWiki Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-41800)
TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2026-0859)
WordPress Plugin WP Import Export Lite Security Bypass (3.9.4)
WebERP Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2018-20420)