Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-74228

Template Injection in Email Templates leads to RCE on Jira Service Management Server

XMLWordPrintable

    • 7.2
    • Medium

      Affected versions of Atlassian Jira Service Management Server and Data Center allows JIRA Administrators to execute arbitrary system commands via a template injection in the endpoint /admin/EmailTemplatesSettings!default.jspa.

      The affected versions are before version 8.13.19, from version 8.14.0 before 8.20.7, from version 8.21.0 before 8.22.1, and from version 8.23.0 before 9.0.0.

      Affected versions:

      • version < 8.13.19
      • 8.14.0 ≤ version < 8.20.7
      • 8.21.0 ≤ version < 8.22.1
      • 8.23.0 ≤ version < 9.0.0

      Fixed versions:

      • 8.13.19
      • 8.20.7
      • 8.22.1
      • 9.0.0

            [JRASERVER-74228] Template Injection in Email Templates leads to RCE on Jira Service Management Server

            Mandeep Jadon made changes -
            Remote Link New: This issue links to "Page (Confluence)" [ 733448 ]
            Manisha Sangwan made changes -
            Labels Original: advisory advisory-to-release dont-import security 🔢✅ New: advisory advisory-released dont-import security 🔢✅
            Manisha Sangwan made changes -
            Resolution New: Fixed [ 1 ]
            Security Original: Atlassian Staff [ 10750 ]
            Status Original: Draft [ 12872 ] New: Published [ 12873 ]
            Manisha Sangwan made changes -
            Summary Original: An Atlassian product has a security vulnerability. New: Template Injection in Email Templates leads to RCE on Jira Service Management Server
            Manisha Sangwan made changes -
            Description Original:
            Affected versions of Atlassian Jira Server allow remote attackers
            to execute arbitrary code via a Remote Code Execution (RCE) vulnerability in {component}.
            The affected versions are before version 8.13.19, from version 8.14.0 before 8.20.7, from version 8.21.0 before 8.22.1, and from version 8.23.0 before 9.0.0.

            *Affected versions:*

             * version < 8.13.19
             * 8.14.0 ≤ version < 8.20.7
             * 8.21.0 ≤ version < 8.22.1
             * 8.23.0 ≤ version < 9.0.0

            *Fixed versions:*

             * 8.13.19
             * 8.20.7
             * 8.22.1
             * 9.0.0

            		 New: Affected versions of Atlassian Jira Service Management Server and Data Center allows JIRA Administrators to execute arbitrary system commands via a template injection in the endpoint /admin/EmailTemplatesSettings!default.jspa.

            The affected versions are before version 8.13.19, from version 8.14.0 before 8.20.7, from version 8.21.0 before 8.22.1, and from version 8.23.0 before 9.0.0.

            *Affected versions:*
             * version < 8.13.19
             * 8.14.0 ≤ version < 8.20.7
             * 8.21.0 ≤ version < 8.22.1
             * 8.23.0 ≤ version < 9.0.0

            *Fixed versions:*
             * 8.13.19
             * 8.20.7
             * 8.22.1
             * 9.0.0
            Security Metrics Bot made changes -
            Labels Original: advisory advisory-to-release dont-import security New: advisory advisory-to-release dont-import security 🔢✅
            Sen Geronimo made changes -
            Component/s New: Security [ 68109 ]
            Security Metrics Bot made changes -
            Labels New: advisory advisory-to-release dont-import security
            Security Metrics Bot created issue -

              Unassigned Unassigned
              security-metrics-bot Security Metrics Bot
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: