JIRA :: Possibility of SQL Injection as database schema exposed in exception

XMLWordPrintable

    • Type: Bug
    • Resolution: Answered
    • Priority: Highest
    • None
    • Affects Version/s: None
    • Component/s: None

      NOTE: This bug report is for JIRA Server. Using JIRA Cloud? See the corresponding bug report.

      While trying to add one issue (Which contained some special character),
      Exception is displayed and under that exception, database schema of JIRA is exposed
      Special characters were:
      (¡™£¢∞§¶•ªº–≠“‘«…æ≤≥÷ ) or (кнαη мαηѕσσя)

      This can be possibility of SQL Injection

      Screenshot attached

        1. Jira Exception1.png
          Jira Exception1.png
          499 kB

            Assignee:
            Unassigned
            Reporter:
            Pradeep Nain
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: