Description
Affected versions are: Before 8.5.5, and from 8.6.0 before 8.8.1 of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the XML export view.
Remediation
References
Related Vulnerabilities
WordPress Plugin Themify Builder Cross-Site Scripting (5.3.1)
WordPress 3.8.x Arbitrary File Deletion Vulnerability (3.8 - 3.8.26)
Ruby Resource Management Errors Vulnerability (CVE-2014-2734)
Moodle Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-6970)
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-4962)