Description
The activity stream gadget in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the country parameter.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2009-1968 Vulnerability (CVE-2009-1968)
WordPress Plugin Data Tables Generator by Supsystic Cross-Site Scripting (1.10.0)
WordPress Plugin Custom Global Variables Cross-Site Scripting (1.0.5)
MySQL CVE-2021-2478 Vulnerability (CVE-2021-2478)
Squid Uncontrolled Resource Consumption Vulnerability (CVE-2021-46784)