5 matches found
CVE-2017-18098
The searchrequest-xml resource in Atlassian Jira before version 7.6.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability through various fields...
Cross site scripting
The searchrequest-xml resource in Atlassian Jira before version 7.6.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability through various fields...
XSS in the searchrequest-xml resource through various fields - CVE-2017-18098
The searchrequest-xml resource in Atlassian Jira before version 7.6.1 and before version 7.7.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability through various fields...
XSS in the searchrequest-xml resource through various fields - CVE-2017-18098
The searchrequest-xml resource in Atlassian Jira before version 7.6.1 and before version 7.7.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability through various fields...
XSS Vulnerability in jira.issueviews:searchrequest-xml
The endpoint /sr/jira.issueviews:searchrequest-xml/temp/SearchRequest.xml/|https://jira.uberinternal.com/sr/jira.issueviews:searchrequest-xml/temp/SearchRequest.xml/-- is vulnerable to an XSS injection in certain cases. Normally, the browser will urlencode its requests, but some proxy servers and...