Description Atlassian JIRA Server before 7.1.9 has XSS in project/ViewDefaultProjectRoleActors.jspa via a role name. Remediation References CVE-2016-4318 Related Vulnerabilities e107 Deserialization of Untrusted Data Vulnerability (CVE-2016-10753) WordPress Improper Privilege Management Vulnerability (CVE-2020-28035) WordPress Plugin Wp custom slider SQL Injection (1.6.2) Varnish Cache Other Vulnerability (CVE-2013-4090) Apache Tomcat Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-5515) Severity Medium Classification CVE-2016-4318 CWE-707 Tags Missing Update Known Vulnerabilities