Description

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the project configuration feature. The affected versions are before version 8.3.0.

Remediation

References

CVE-2019-20416

Related Vulnerabilities

Oracle Database Server CVE-2010-2407 Vulnerability (CVE-2010-2407)

WordPress Plugin User Registration, Login & Landing Pages-LeadMagic Cross-Site Scripting (1.2.7)

WordPress Plugin Portfolio for Elementor, Image Gallery & Post Grid-PowerFolio Security Bypass (2.1.6)

WordPress Plugin Automatic Online Backup 'url' Parameter Cross-Site Scripting (0.8.2)

Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-35030)

Severity

Medium

Classification

CVE-2019-20416 CWE-707

Tags

Missing Update Known Vulnerabilities