3 matches found
CVE-2019-20409
The way in which velocity templates were used in Atlassian Jira Server and Data Center prior to version 8.8.0 allowed remote attackers to gain remote code execution if they were able to exploit a server side template injection vulnerability...
CVE-2019-20409
CVE-2019-20409 affects Atlassian Jira Server and Data Center versions prior to 8.8.0. The issue arises from how Velocity templates are used, enabling remote attackers to trigger server-side template injection and achieve remote code execution. The confirmed fix is upgrade to Jira 8.8.0 or later. ...
Make use of Secure Introspector in Velocity Templates - CVE-2019-20409
This issue exists to document that a security improvement in the way that Jira Server and Data Center use velocity templates has been implemented. The way in which velocity templates were used in Atlassian Jira Server and Data Center prior to version 8.8.0 allowed remote attackers to gain remote...