CVE-2017-16863

Description

The PieChart gadget in Atlassian Jira before version 7.5.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the name of a project or filter.

Affected products

• Atlassian / Atlassian JiraAll versions prior to version 7.5.3 – All versions prior to version 7.5.3

References

• MISChttps://jira.atlassian.com/browse/JRASERVER-66623
• MISChttp://www.securityfocus.com/bid/102732