Description
The activity stream gadget in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the country parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler SQL Injection (5.5.0)
MySQL CVE-2019-2580 Vulnerability (CVE-2019-2580)
WordPress Plugin Advanced Custom Fields PRO Cross-Site Scripting (6.1.5)
WordPress Plugin A2 Optimized WP Information Disclosure (2.0.10.8)
WordPress Plugin Open Graph for Facebook, Google+ and Twitter Card Tags Cross-Site Scripting (2.2.4)