3 matches found
Atlassian Jira Server and Data Center Template Injection Vulnerability (JRASERVER-69933)
According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is potentially affected by a template injection vulnerability in the Jira Importers Plugin. An unauthenticated, remote attacker can exploit this issue to execute arbitrary commands on the...
CVE-2019-15001
CVE-2019-15001 concerns Atlassian Jira Server/Data Center, specifically the Jira Importers Plugin. The vulnerability is a server-side template injection that can be triggered by a crafted PUT request, allowing remote code execution. The issue requires Administrator permissions to exploit and has ...
Template injection in Jira importers plugin - CVE-2019-15001
h3. Issue Summary There was a server-side template injection vulnerability in Jira Server and Data Center, in the Jira Importers Plugin JIM. An attacker with "JIRA Administrators" access can exploit this issue. Successful exploitation of this issue allows an attacker to remotely execute code on...