CVE-2018-5232

The EditIssue.jspa resource in Atlassian Jira before version 7.6.7 and from version 7.7.0 before version 7.10.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the issuetype parameter...

XSS in EditIssue.jspa through the issuetype parameter - CVE-2018-5232

The EditIssue.jspa resource in Atlassian Jira Server before version 7.6.7 and from version 7.7.0 before version 7.10.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the issuetype parameter...