Description
The email client in Jira Server and Data Center before version 7.13.16, from 8.5.0 before 8.5.7, from 8.8.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to access outgoing emails between a Jira instance and the SMTP server via man-in-the-middle (MITM) vulnerability.
Remediation
References
Related Vulnerabilities
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2008-1672)
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7827)
Atlassian Jira Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-20408)
Jenkins Improper Input Validation Vulnerability (CVE-2012-4438)
WordPress Plugin WP eCommerce Multiple Vulnerabilities (3.9.1)