Description
Affected versions are: Before 8.5.5, and from 8.6.0 before 8.8.1 of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the XML export view.
Remediation
References
Related Vulnerabilities
Moodle Improper Authentication Vulnerability (CVE-2014-3552)
Oracle Database Server CVE-2014-4294 Vulnerability (CVE-2014-4294)
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.8)
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1582)
WordPress Plugin MyBookTable Bookstore by Author Media Unspecified Vulnerability (2.1.4)