Atlassian Jira Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2019-20414
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in Issue Navigator Basic Search. The affected versions are before version 7.13.9 and from version 8.0.0 before 8.4.2.