The Jira Importers Plugin in Atlassian Jira Server and Data Cente from version with 7.0.10 prior to 7.6.16, from 7.7.0 prior to 7.13.8, from 8.0.0 prior to 8.1.3, from 8.2.0 prior to 8.2.5, from 8.3.0 prior to 8.3.4 and from 8.4.0 prior to 8.4.1 allows remote attackers with Administrator permissions to gain remote code execution via a template injection vulnerability through the use of a crafted PUT request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
atlassian jira |
||
atlassian jira 8.4.0 |
2019年天融信阿尔法实验室在微信公众号发布的所有安全资讯汇总
欢迎关注天融信阿尔法实验室微信公众号 20191231 [技术] 使用IDA从零开始学逆向, Part27 mediumcom/p/5fa5c173547c 36C3 CTF Writeups bananamafiadev/post/36c3ctf/ 再探同形文字攻击 alephsecuritycom/2019/12/29/revised-homograph-attacks/ 对1个Dell SonicWALL虚拟办公室的登录界面进行Password Spraying攻击
Atlassian released updates for Jira Service Desk and Jira Service Desk Data Center to fix a critical-severity security bug that can be exploited by anyone with access to a vulnerable customer portal.
The company patched another critical vulnerability affecting Jira Server and Jira Data Center that allows server-side template injection leading to remote code execution.
The bug impacting Jira Service Desk and Jira Service Desk Data Center is a URL path traversal leading to information ...