Description
The ConfigurePortalPages.jspa resource in Jira before version 7.13.3 and from version 8.0.0 before version 8.1.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the searchOwnerUserName parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin YITH WooCommerce Ajax Search Unspecified Vulnerability (1.2.7)
Oracle JRE CVE-2013-0440 Vulnerability (CVE-2013-0440)
WordPress Plugin Wordfence Security-Firewall & Malware Scan Multiple Vulnerabilities (5.2.3)
WordPress Other Vulnerability (CVE-2006-6017)
WordPress 2.8.2 Multiple Security Bypass Vulnerabilities (2.0 - 2.8.2)