-
Bug
-
Resolution: Fixed
-
Medium (View bug fix roadmap)
-
5.0
-
None
-
5
-
We have identified and fixed a vulnerability in JIRA that results from the way third-party XML parsers are used in JIRA. This vulnerability allows an attacker who is an authenticated JIRA user to execute denial of service attacks against the JIRA server.
All versions of JIRA up to and including 5.0.0 are affected.
Full details of the severity, risks and vulnerability can be found in the JIRA Security Advisory 2012-05-17.
![[Atlassian Documentation] Page](https://confluence.atlassian.com/images/icons/favicon.png "[Atlassian Documentation] Page"){kind=icon}
![[Atlassian Documentation] Page](/images/icons/generic_link_16.png "[Atlassian Documentation] Page"){kind=icon}
[JRASERVER-27719] XML Vulnerability in JIRA
| Remote Link | Original: This issue links to "Page (Atlassian Documentation)" [ 102379 ] |
| Minimum Version | New: 5 |
| Workflow | Original: JAC Bug Workflow v2 [ 2843657 ] | New: JAC Bug Workflow v3 [ 2912236 ] |
| Status | Original: Resolved [ 5 ] | New: Closed [ 6 ] |
| Workflow | Original: JIRA Bug Workflow w Kanban v7 - Restricted [ 2579492 ] | New: JAC Bug Workflow v2 [ 2843657 ] |
| Workflow | Original: JIRA Bug Workflow w Kanban v6 - Restricted [ 1543011 ] | New: JIRA Bug Workflow w Kanban v7 - Restricted [ 2579492 ] |
| Labels | Original: advisory cvss-high security | New: advisory affects-server cvss-high security |
| Component/s | Original: Security [Deprecated] [ 11831 ] |
| Status | Original: Closed [ 6 ] | New: Resolved [ 5 ] |
| Workflow | Original: JIRA Bug Workflow w Kanban v6 [ 666449 ] | New: JIRA Bug Workflow w Kanban v6 - Restricted [ 1543011 ] |
| Remote Link | Original: This issue links to "Page (Atlassian Documentation)" [ 17400 ] | New: This issue links to "Page (Atlassian Documentation)" [ 17400 ] |