-
Bug
-
Resolution: Fixed
-
Low (View bug fix roadmap)
-
7.8.4, 8.3.0
-
7.08
-
Severity 2 - Major
-
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability on the UserPickerBrowser.jspa page.
Affected versions:
- version < 7.13.9
- 8.0.0 ≤ version < 8.4.2
Fixed versions:
- 7.13.9
- 8.4.2
- 8.5.0
This is an independent assessment and you should evaluate its applicability to your own IT environment.
CVSS v3 score: 7.5 => High severity
Exploitability Metrics
Scope Metric
Impact Metrics
https://asecurityteam.bitbucket.io/cvss_v3/#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H