virus logo FortiClient Vulnerability

Atlassian Jira Software Server CVE-2021-43944 Code Injection Vulnerability

description-logoDescription

This issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been implemented. Affected versions of Atlassian Jira Server and Data Center allowed remote attackers with system administrator permissions to execute arbitrary code via Template Injection leading to Remote Code Execution (RCE) in the Email Templates feature. The affected versions are before version 8.13.15, and from version 8.14.0 before 8.20.3.

affected-products-logoAffected Applications

Jira Software Server

CVE References

CVE-2021-43944

Other References

https://jira.atlassian.com/projects/JRASERVER/issues/
ID 74231
Created Dec 20, 2022
Description
Updated		 Dec 14, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Atlassian
Patch manual
Application Jira Software Server