Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-64077

Multiple Vulnerabilities in JIRA Workflow Servlet

XMLWordPrintable

      Affected Versions
      4.2.4 <= version < 6.3.0

      An anonymous user can perform multiple attacks on a vulnerable JIRA instance that could cause remote code execution, the disclosure of private files or execute a denial of service attack against the JIRA server. This vulnerability is caused by the way an XML parser and deserializer was used in JIRA.

      For additional details see the full advisory.

            mhart@atlassian.com Matt Hart (Inactive)
            mhart@atlassian.com Matt Hart (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            13 Start watching this issue

              Created:
              Updated:
              Resolved: