Uploaded image for project: 'Jira Service Management Data Center'
  1. Jira Service Management Data Center
  2. JSDSERVER-6289

The version of moment.js used in Jira Service Desk was vulnerable to a regular expression denial of service

    XMLWordPrintable

Details

    Description



      The version of moment.js used in Jira Service Desk Server before version 4.0.0 allows remote attackers to cause a denial of service in user's browsers via a regular expression denial of service. For additional details see https://github.com/moment/moment/issues/2936.

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. JRASERVER-69040 The version of moment.js used in Jira was vulnerable to a regular expression denial of service

          • Low - Low priority issues
          • Closed

          Activity

            People

              Unassigned Unassigned
              security-metrics-bot Security Metrics Bot
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Backbone Issue Sync