Vulnerability
Description
Remote attackers can access files in the Jira webroot within the META-INF directory via a lax path access check in the CachingResourceDownloadRewriteRule class in Jira before version 7.13.4, and from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1.
Recommendations
- Update JIRA to the latest version
Written by
Summarize:
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 14 days
