Description
Affected versions are: Before 8.5.5, and from 8.6.0 before 8.8.1 of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the XML export view.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Mapa Politico Espana Cross-Site Scripting (3.6.2)
WordPress Plugin bbPress Cross-Site Scripting (2.5.6)
Drupal Core 8.x Multiple Vulnerabilities (8.0.0 - 8.3.3)
WordPress Plugin CPT Bootstrap Carousel Cross-Site Scripting (1.12)
Moodle Resource Management Errors Vulnerability (CVE-2015-5332)