Affected versions of Automation for Jira - Server allowed remote attackers to read and render files as mustache templates in files inside the WEB-INF/classes & <jira-installation>/jira/bin directories via a template injection vulnerability in Jira smart values using mustache partials. The affected versions are those before version 7.1.15.
[
{
"product": "Automation for Jira",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "7.1.15",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]