Code injection vulnerability in Atlassian Jira Server - CVE-2019-15001 (linux)ID: oval:org.secpod.oval:def:90962 | Date: (C)2023-07-14 (M)2023-07-14 |
Class: VULNERABILITY | Family: unix |
The host is installed with Atlassian Jira Server 7.0.10 before 7.6.16, 7.7.0 before 7.13.8, 8.0.0 before 8.1.3, 8.2.0 before 8.2.5, 8.3.0 before 8.3.4, and 8.4.0 before 8.4.1 and is prone to a code injection vulnerability. A flaw is present in the application which fails to properly handle issues in the Jira Importers Plugin (JIM). Successful exploitation allows an attacker to remotely execute code on systems that run a vulnerable version of Jira Server.
Product: |
Atlassian Jira Server |