Vulnerability Change Records for CVE-2019-15001

Change History

CVE Modified by Atlassian 9/25/2019 4:15:11 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://packetstormsecurity.com/files/154611/Jira-Server-Data-Center-Template-Injection.html [No Types Assigned]

CVE Modified by Atlassian 9/25/2019 9:15:11 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://seclists.org/bugtraq/2019/Sep/42 [No Types Assigned]

CWE Remap 8/24/2020 1:37:01 PM

Action Type Old Value New Value
Changed CWE
CWE-74
CWE-94

CVE Modified by Atlassian 7/16/2020 10:15:11 AM

Action Type Old Value New Value
Changed Description
The Jira Importers Plugin in Atlassian Jira Server and Data Cente from version with 7.0.10 before 7.6.16, from 7.7.0 before 7.13.8, from 8.1.0 before 8.1.3, from 8.2.0 before 8.2.5, from 8.3.0 before 8.3.4 and from 8.4.0 before 8.4.1 allows remote attackers with Administrator permissions to gain remote code execution via a template injection vulnerability through the use of a crafted PUT request.
The Jira Importers Plugin in Atlassian Jira Server and Data Cente from version with 7.0.10 before 7.6.16, from 7.7.0 before 7.13.8, from 8.0.0 before 8.1.3, from 8.2.0 before 8.2.5, from 8.3.0 before 8.3.4 and from 8.4.0 before 8.4.1 allows remote attackers with Administrator permissions to gain remote code execution via a template injection vulnerability through the use of a crafted PUT request.