Description

The two-dimensional filter statistics gadget in Atlassian Jira before version 7.6.10, from version 7.7.0 before version 7.12.4, and from version 7.13.0 before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a saved filter when displayed on a Jira dashboard.

Remediation

References

CVE-2018-13403

Related Vulnerabilities

MySQL CVE-2019-2946 Vulnerability (CVE-2019-2946)

WebLogic CVE-2019-2658 Vulnerability (CVE-2019-2658)

WordPress Plugin Blog social sharing component Cross-Site Request Forgery (1.4.5)

WordPress Plugin Post Duplicator Cross-Site Scripting (2.16)

WordPress Plugin Download Monitor Information Disclosure (1.6.3)

Severity

Medium

Classification

CVE-2018-13403 CWE-707

Tags

Missing Update Known Vulnerabilities