Description
The EditIssue.jspa resource in Atlassian Jira before version 7.6.7 and from version 7.7.0 before version 7.10.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the issuetype parameter.
Remediation
References
Related Vulnerabilities
WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.12)
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery SQL Injection (1.2.7)
WordPress Plugin WP Media Cleaner Multiple Cross-Site Scripting Vulnerabilities (2.2.6)
WordPress Plugin Jetpack-WP Security, Backup, Speed, & Growth Cross-Site Scripting (7.9)
WordPress Plugin MAC PHOTO GALLERY Multiple Security Bypass Vulnerabilities (3.0)