A third party scan found that the Issue Navigator action is vulnerable to content spoofing, in specific text injection. In this case the content spoofing may be used to perform a phishing attack on users.
How to reproduce:
1. go to https://jira.atlassian.com/issues/?filter=whscheck%22%20was%20not%20found%20on%20this%20server.%20WARNING:%20Your%20account%20has%20been%20suspended.%20Contact%20WhiteHat%20immediately%20at%20%22000-000-0000.

2. observe that the filter parameter value is found html encoded below in the error message.