We couldn't load all Actvitity tabs. Refresh the page to try again.
If the problem persists, contact your Jira admin.
IMPORTANT: JAC is a Public system and anyone on the internet will be able to view the data in the created JAC tickets. Please don’t include Customer or Sensitive data in the JAC ticket.
Uploaded image for project: 'Jira Platform Cloud'
  1. Jira Platform Cloud
  2. JRACLOUD-36442

Path traversal in JIRA Issue Collector plugin (Windows only)

      NOTE: This bug report is for JIRA Cloud. Using JIRA Server? See the corresponding bug report.

      We have identified and fixed a vulnerability in JIRA which allowed unauthenticated users to create files in any valid directory inside JIRA install. In order to exploit this vulnerability, an attacker requires access to JIRA web interface.

      This issue only affects JIRA servers running on Windows OS. It is not exploitable on Linux and OSX systems.

      The vulnerability affects all supported versions of JIRA up to and including 6.0.3. It has been fixed in 6.0.4.

      For more information, see our security advisory.

            Loading...
            IMPORTANT: JAC is a Public system and anyone on the internet will be able to view the data in the created JAC tickets. Please don’t include Customer or Sensitive data in the JAC ticket.
            Uploaded image for project: 'Jira Platform Cloud'
            1. Jira Platform Cloud
            2. JRACLOUD-36442

            Path traversal in JIRA Issue Collector plugin (Windows only)

                NOTE: This bug report is for JIRA Cloud. Using JIRA Server? See the corresponding bug report.

                We have identified and fixed a vulnerability in JIRA which allowed unauthenticated users to create files in any valid directory inside JIRA install. In order to exploit this vulnerability, an attacker requires access to JIRA web interface.

                This issue only affects JIRA servers running on Windows OS. It is not exploitable on Linux and OSX systems.

                The vulnerability affects all supported versions of JIRA up to and including 6.0.3. It has been fixed in 6.0.4.

                For more information, see our security advisory.

                        Unassigned Unassigned
                        rbattaglin Renan Battaglin
                        Votes:
                        0 Vote for this issue
                        Watchers:
                        4 Start watching this issue

                          Created:
                          Updated:
                          Resolved:

                            Unassigned Unassigned
                            rbattaglin Renan Battaglin
                            Affected customers:
                            0 This affects my team
                            Watchers:
                            4 Start watching this issue

                              Created:
                              Updated:
                              Resolved: