Description

The MigratePriorityScheme resource in Jira before version 8.3.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the priority icon url of an issue priority.

Remediation

References

CVE-2019-11584

Related Vulnerabilities

MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-46251)

WordPress Plugin IGIT Posts Slider Widget 'src' Parameter Cross-Site Scripting (1.0)

Joomla! Core Security Bypass (2.5.0 - 3.9.15)

Apache Tomcat Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2020-13935)

WordPress Plugin SagePay Server Gateway for WooCommerce Cross-Site Scripting (1.0.8)

Severity

Medium

Classification

CVE-2019-11584 CWE-707

Tags

Missing Update Known Vulnerabilities