CVE-2018-20232
CVE-2018-20232 affects Atlassian Jira: the labels widget gadget is vulnerable to cross-site scripting (XSS) due to improper handling of content rendered from a URL location that could be controlled via the up_projectid widget setting. Affected Jira versions are before 7.6.11 and 7.7.0 up to 7.13....