Atlassian Jira Server and Data Center Path Traversal Vulnerability
Overdue
Atlassian / Jira Server and Data Center
CWE-22
Description
Atlassian Jira Server and Data Center contain a path traversal vulnerability that allows a remote attacker to read particular files in the /WEB-INF/web.xml endpoint.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
References
Additional Information
- Catalog Version
- 2025.01.24
- Catalog Released
- Jan. 24, 2025
- Days Until Due
- 0 days
- Last Updated
- 4 months, 1 week ago