Description
The searchrequest-xml resource in Atlassian Jira before version 7.6.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through various fields.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Database Backup Cross-Site Request Forgery (5.1.2)
WordPress Plugin WP Statistics SQL Injection (9.4)
WordPress Plugin Simple Photo Gallery Cross-Site Scripting (1.8.0)
Roundcube Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5383)
WordPress Plugin Debug Log Manager Cross-Site Request Forgery (2.2.1)