Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Low
Fix Version/s: 7.13.12, 8.7.0, 8.6.1, 8.5.4
Affects Version/s: 8.4.1
Component/s: Issue - Comments
Labels:

Fixed in Long Term Support Release/s:

Download 7.13, 8.5
Introduced in Version:
8.04
Support reference count:
1
Symptom Severity:
Severity 2 - Major
Bug Fix Policy:
View Atlassian Server bug fix policy

Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8.0.0 before version 8.5.4, and 8.6.0 before version 8.6.1 allows remote attackers to make comments on a ticket to which they do not have commenting permissions via a broken access control bug.

mentioned in: Page Loading...; Page Loading...

Assignee:: Daniel Ramotowski

Reporter:: Colin Xu

Votes:: 1 Vote for this issue

Watchers:: 3 Start watching this issue

Due:: 24/Mar/2020

Created:: 28/Jan/2020 3:52 AM

Updated:: 11/Mar/2022 12:35 PM

Resolved:: 03/Feb/2020 10:46 AM

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates