Description
The /servicedesk/customer/portals resource in Jira Service Desk Server and Data Center before version 4.10.0 allows remote attackers with project administrator privileges to inject arbitrary HTML or JavaScript names via an Cross Site Scripting (XSS) vulnerability by uploading a html file.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2007-3854 Vulnerability (CVE-2007-3854)
WordPress Plugin Twitter Cards Meta Multiple Vulnerabilities (2.4.5)
MySQL CVE-2016-3471 Vulnerability (CVE-2016-3471)
Undertow Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-3859)
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4937)