-
Public Security Vulnerability
-
Resolution: Fixed
-
Low
-
4.17.1, 4.13.8, 4.5.18
-
None
-
7.2
-
High
-
CVE-2021-39115
Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers with "Jira Administrators" access to execute arbitrary Java code or run arbitrary system commands via a Server_Side Template Injection vulnerability in the Email Template feature.
The affected versions are before version 4.13.9, and from version 4.14.0 before 4.18.0.
Â
Affected versions:
- version < 4.13.9
- 4.14.0 ≤ version < 4.18.0
Fixed versions:
- 4.13.9
- 4.18.0 Â
Â