Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-71833

SQL Injection in Jira Software Server [Integration for HipChat]

XMLWordPrintable

    • 5.9
    • Medium

      Affected versions of Jira Server have a SQL injection vulnerability that has now been fixed by removing the vulnerable HipChat integration plugin.

      Affected versions:

      • versions < 8.14.0

      Fixed versions:

      • 8.14.0

       The plugin is no longer installed in new versions of Jira. However, the removal of the plugin was not back-ported to an LTS release. Therefore, as a workaround, we recommend disabling the plugin.

              Unassigned Unassigned
              security-metrics-bot Security Metrics Bot
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: