The CachingResourceDownloadRewriteRule class in Jira Server and Jira Data Center before version 8.5.11, from 8.6.0 prior to 8.13.3, and from 8.14.0 prior to 8.15.0 allowed unauthenticated remote malicious users to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access check.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
atlassian data center |
||
atlassian jira data center |
||
atlassian jira server |