Description
The labels gadget in Jira before version 7.13.2, and from version 8.0.0 before version 8.0.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the jql parameter.
Remediation
References
Related Vulnerabilities
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.29)
WordPress Plugin Video Embed & Thumbnail Generator Cross-Site Scripting (4.0.3)
MediaWiki Improper Privilege Management Vulnerability (CVE-2021-44857)
WordPress Plugin Zotpress 'zotpress.rss.php' SQL Injection (4.4)
MediaWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-31548)