The JIRA Workflow Designer Plugin in Atlassian JIRA Server prior to 6.3.0 improperly uses an XML parser and deserializer, which allows remote malicious users to execute arbitrary code, read arbitrary files, or cause a denial of service via a crafted serialized Java object.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
atlassian jira 4.2.4 |
||
atlassian jira 5.0.2 |
||
atlassian jira 5.0.3 |
||
atlassian jira 5.0.4 |
||
atlassian jira 5.0.5 |
||
atlassian jira 5.2.3 |
||
atlassian jira 5.2.4 |
||
atlassian jira 5.2.5 |
||
atlassian jira 5.2.6 |
||
atlassian jira 6.0.8 |
||
atlassian jira 6.1 |
||
atlassian jira 6.1.1 |
||
atlassian jira 6.1.2 |
||
atlassian jira 6.2.6 |
||
atlassian jira 6.2.7 |
||
atlassian jira 4.3.4 |
||
atlassian jira 4.4 |
||
atlassian jira 4.4.1 |
||
atlassian jira 4.4.2 |
||
atlassian jira 4.4.3 |
||
atlassian jira 5.1.3 |
||
atlassian jira 5.1.4 |
||
atlassian jira 5.1.5 |
||
atlassian jira 5.1.6 |
||
atlassian jira 5.2.11 |
||
atlassian jira 6.0 |
||
atlassian jira 6.0.1 |
||
atlassian jira 6.0.2 |
||
atlassian jira 6.1.8 |
||
atlassian jira 6.1.9 |
||
atlassian jira 6.2 |
||
atlassian jira 6.2.1 |
||
atlassian jira 4.3 |
||
atlassian jira 4.3.2 |
||
atlassian jira 4.4.4 |
||
atlassian jira 5.0 |
||
atlassian jira 5.1 |
||
atlassian jira 5.1.2 |
||
atlassian jira 5.1.7 |
||
atlassian jira 5.2 |
||
atlassian jira 5.2.2 |
||
atlassian jira 5.2.7 |
||
atlassian jira 5.2.9 |
||
atlassian jira 6.0.4 |
||
atlassian jira 6.0.7 |
||
atlassian jira 6.1.3 |
||
atlassian jira 6.1.5 |
||
atlassian jira 6.1.7 |
||
atlassian jira 6.2.2 |
||
atlassian jira 6.2.4 |
||
atlassian jira 4.3.1 |
||
atlassian jira 4.3.3 |
||
atlassian jira 4.4.5 |
||
atlassian jira 5.0.1 |
||
atlassian jira 5.0.7 |
||
atlassian jira 5.1.1 |
||
atlassian jira 5.1.8 |
||
atlassian jira 5.2.1 |
||
atlassian jira 5.2.8 |
||
atlassian jira 5.2.10 |
||
atlassian jira 6.0.3 |
||
atlassian jira 6.0.5 |
||
atlassian jira 6.1.4 |
||
atlassian jira 6.1.6 |
||
atlassian jira 6.2.3 |
||
atlassian jira 6.2.5 |