Description
Cross-site scripting (XSS) vulnerability in Atlassian JIRA 3.6.2-#156 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in a direct request to secure/ConfigureReleaseNote.jspa, which are not sanitized before being returned in an error page.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Landing Pages Multiple Unspecified Vulnerabilities (1.7.8)
WordPress Plugin Custom Field Template PHP Object Injection (2.5.7)
Oracle Database Server CVE-2006-0291 Vulnerability (CVE-2006-0291)
WordPress Plugin WP Visitor Statistics (Real Time Traffic) SQL Injection (4.7)
WordPress Plugin Newspack Blocks Arbitrary File Upload (3.0.8)