Description
Cross-site scripting (XSS) vulnerability in Atlassian JIRA 3.6.2-#156 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in a direct request to secure/ConfigureReleaseNote.jspa, which are not sanitized before being returned in an error page.
Remediation
References
Related Vulnerabilities
WordPress Plugin FireStats Cross-Site Scripting (1.6.4)
Next.js CVE-2023-46298 Vulnerability (CVE-2023-46298)
Oracle Database Server CVE-2009-1991 Vulnerability (CVE-2009-1991)
WordPress Plugin Acunetix Secure WordPress Cross-Site Request Forgery (3.0.2)
ownCloud Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-2397)