-
Type:
Public Security Vulnerability
-
Resolution: Fixed
-
Priority:
Low
-
Affects Version/s: 7.13.9, 8.2.3, 8.5.3, 8.7.0
-
Component/s: None
-
4.3
-
Medium
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to display arbitrary messages in the application via an injection vulnerability in the XSRF token error page.
The affected versions are before version 8.5.14, and from version 8.6.0 before 8.12.1.
Affected versions:
- version < 8.5.14
- 8.6.0 ≤ version < 8.12.1
Fixed versions:
- 8.5.14
- 8.12.1