CVE-2012-1500 – jira 4.4.3 / greenhopper < 5.9.8 - Multiple Vulnerabilities

https://notcve.org/view.php?id=CVE-2012-1500

Stored XSS vulnerability in UpdateFieldJson.jspa in JIRA 4.4.3 and GreenHopper before 5.9.8 allows an attacker to inject arbitrary script code. Una vulnerabilidad de tipo XSS almacenado del archivo UpdateFieldJson.jspa en JIRA versión 4.4.3 y GreenHopper versiones anteriores a 5.9.8, permite a un atacante inyectar código de script arbitrario. • https://www.exploit-db.com/exploits/21052 https://web.archive.org/web/20121014055829/http://www.cloudscan.me/2012/09/cve-2012-1500-ghs-5375-ghs-5642.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •