{panel:bgColor=#e7f4fa}
NOTE: This bug report is for JIRA Cloud. Using JIRA Server? [See the corresponding bug report|http://jira.atlassian.com/browse/JRASERVER-61888].
{panel}
Somewhat hard to exploit but still doable when it comes to cache poisoning. Steps to reproduce:
Offending code in {{/src/main/webapp/includes/decorators/global-translations.jsp#18}}:
{code:java}
17 <input type=“hidden” title=“ajaxUnauthorised” value=“<ww:text name=”‘common.forms.ajax.unauthorised.alert’“/>”>
18 <input type=“hidden” title=“baseURL” value=“<%=request.getScheme() + “://” +request.getServerName() + ‘:’ + request.getServerPort() + request.getContextPath()%>”>
19 <input type=“hidden” title=“ajaxCommsError” value=“<ww:text name=”‘common.forms.ajax.commserror’“/>”>
{code}