Description
Affected versions of Atlassian Jira Server and Data Center allow remote attackers with administrator privileges to execute arbitrary code via a Remote Code Execution (RCE) vulnerability in the Email Templates feature. This issue bypasses the fix of https://jira.atlassian.com/browse/JSDSERVER-8665. The affected versions are before version 8.13.15, and from version 8.14.0 before 8.20.3.
Remediation
References
Related Vulnerabilities
WordPress Plugin Auto Featured Image Arbitrary File Upload (1.2)
WordPress Plugin Social Sharing-Kiwi Security Bypass (2.1.0)
WordPress Plugin Visual Composer:Page Builder for WordPress Local File Inclusion (5.1)
Internet Information Services Other Vulnerability (CVE-2000-0408)
WordPress Plugin WP TripAdvisor Review Slider Cross-Site Scripting (11.8)