[JSWSERVER-20111] Denial of service in issue searching through Epic Name ordering - CVE-2019-11583 - Create and track feature requests for Atlassian products.

Type: Bug
Resolution: Fixed
Priority: Medium (View bug fix roadmap)
Fix Version/s: 8.1.0, 7.13.4
Affects Version/s: 7.2.15, 8.0.0, 7.13.1, 7.6.11
Component/s: Epics
Labels:

Fixed in Long Term Support Release/s:

Download 7.13
Introduced in Version:
7.02
Symptom Severity:
Severity 1 - Critical
Bug Fix Policy:
View Atlassian Server bug fix policy

The issue searching component in Jira before version 8.1.0 allows remote attackers to
deny access to Jira service via denial of service vulnerability in issue search when ordering by "Epic Name".

mentioned in: Page Failed to load

No work has yet been logged on this issue.

Assignee:: Unassigned

Reporter:: Security Metrics Bot

Affected customers:: 0 This affects my team

Watchers:: 13 Start watching this issue

Created:: 23/Jun/2019 10:48 PM

Updated:: 22/May/2020 8:10 AM

Resolved:: 23/Jun/2019 10:48 PM

Jira Software Data Center

Details

Description

Attachments

Issue Links

Forms

Activity

[JSWSERVER-20111] Denial of service in issue searching through Epic Name ordering - CVE-2019-11583

People

Dates

Backbone Issue Sync