Affected versions of Atlassian Jira Server or Data Center using the Jira Service Management addon allow remote attackers with JIRA Administrators access to execute arbitrary Java code via a server-side template injection vulnerability in the Email Template feature. The affected versions of Jira Server or Data Center are before version 8.13.12, and from version 8.14.0 before 8.19.1.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://jira.atlassian.com/browse/JRASERVER-72804 |
History
Fri, 11 Oct 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: atlassian
Published: 2021-09-16T05:20:10.512566Z
Updated: 2024-10-10T16:00:53.918Z
Reserved: 2021-08-16T00:00:00
Link: CVE-2021-39128
Vulnrichment
Updated: 2024-08-04T01:58:17.980Z
NVD
Status : Modified
Published: 2021-09-16T06:15:06.833
Modified: 2024-11-21T06:18:38.817
Link: CVE-2021-39128
Redhat
No data.