2 matches found
CVE-2017-16864
CVE-2017-16864 describes an XSS vulnerability in Atlassian Jira prior to version 7.4.2. The issue is triggered in the orderby parameter of the Jira “issue search” resource, allowing remote attackers to inject arbitrary HTML or JavaScript. Components affected are Jira’s search/resource handling fo...
XSS through the orderby parameter in the issue search resource - CVE-2017-16864
The issue search resource in Atlassian Jira before version 7.4.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the orderby parameter...