In the "Time in Status" app before 4.13.0 for Jira, remote authenticated attackers can cause Stored XSS.Referenceshttps://marketplace.atlassian.com/apps/1211756/time-in-status/version-historyhttps://dev.obss.com.tr/confluence/display/MD/2021-02-25+Time+in+Status+for+Jira+Server+and+Data+Center+Security+Advisoryhttps://dev.obss.com.tr/jira/browse/APDTIS-1097?src=confmacro
