Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26083)

Description

Export HTML Report in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.16.1 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability.

Remediation

References

Related Vulnerabilities

WordPress Plugin Contact Form by WD-responsive drag & drop contact form builder tool Security Bypass (1.7.14)

phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4634)

WordPress Plugin WordPress Gallery MaxGalleria Unspecified Vulnerability (6.0.8)

WordPress Plugin WolfNet IDX for WordPress Multiple Unspecified Vulnerabilities (1.14.7)

WordPress Plugin Blue Admin Cross-Site Request Forgery (21.06.01)

Severity

Medium

Classification

CVE-2021-26083 CWE-707

Tags

Missing Update Known Vulnerabilities