XSS Vulnerability in Mail.ru Calendar Plugin for Atlassian Jira

XSS Vulnerability in Mail.ru Calendar Plugin for Atlassian Jira

CVE-2016-10716 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

The Mail.ru Calendar plugin before 2.5.0.61 for Atlassian Jira has XSS via the Name field in a Create Calender action, related to a MailRuCalendar.jspa#period/month URI.

Learn more about our Web Application Penetration Testing UK.