Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-71833

SQL Injection in Jira Software Server [Integration for HipChat]

XMLWordPrintable

    • 5.9
    • Medium

      Affected versions of Jira Server have a SQL injection vulnerability that has now been fixed by removing the vulnerable HipChat integration plugin.

      Affected versions:

      • versions < 8.14.0

      Fixed versions:

      • 8.14.0

       The plugin is no longer installed in new versions of Jira. However, the removal of the plugin was not back-ported to an LTS release. Therefore, as a workaround, we recommend disabling the plugin.

            Unassigned Unassigned
            security-metrics-bot Security Metrics Bot
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: