Loading...

Log In
Closed

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Low
Fix Version/s: 7.13.12, 8.5.4, 8.6.1, 8.7.0
Affects Version/s: 8.4.1
Component/s: Issue - Comments
Labels:

Fixed in Long Term Support Release/s:

Download 7.13, 8.5
Introduced in Version:
8.04
Support reference count:
1
Symptom Severity:
Severity 2 - Major

Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8.0.0 before version 8.5.4, and 8.6.0 before version 8.6.1 allows remote attackers to make comments on a ticket to which they do not have commenting permissions via a broken access control bug.

mentioned in: Page Loading...; Page Loading...

Assignee:: Daniel Ramotowski (Inactive)
Reporter:: Colin Xu
Votes:: 1 Vote for this issue
Watchers:: 3 Start watching this issue

Due:: 24/Mar/2020
Created:: 28/Jan/2020 3:52 AM
Updated:: 11/Mar/2022 12:35 PM
Resolved:: 03/Feb/2020 10:46 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates