High Description
This issue tracks a small number of important security bugs without specifying their details.
The details of security bugs will be fully disclosed, as per Atlassian's security policy, once customers have had a chance to upgrade.
This bug additionally serves to hold, as an attached file, the patch to fix these issues in version 4.0.2 of JIRA.