Uploaded image for project: 'SR for Jira - Development'
  1. SR for Jira - Development
  2. SRJIRA-2832

Critical Security Vulnerability

    Details

    • Critical Points:
      0

      Description

      During an internal review Adaptavist found a security vulnerability in ScriptRunner for Jira. According to Atlassian's security severity levels this vulnerability is classified as critical. All versions of ScriptRunner for Jira Server 4.0 and above are affected.

      We strongly recommend customers update at their earliest opportunity to patch this vulnerability.

      How to fix the vulnerability 

      This vulnerability can be fixed by upgrading ScriptRunner for Jira. Full instructions on how to upgrade an app can be found on Atlassian's support page

      Updates are available for all affected versions. ScriptRunner for Jira Cloud is not affected. 

      Further details will be released in due course as part of Adaptavist's commitment to responsible disclosure. Adaptavist is committed to providing powerful and secure apps for Atlassian products and we are unaware of any instances of this vulnerability being exploited across our customer base. If you have urgent questions please contact our support team.


      • If you have Jira 7.2 or above, upgrade to ScriptRunner for Jira version 5.3.26 or above
      • If you have Jira 7.0 or 7.1, upgrade to ScriptRunner for Jira version 5.1.6.2
      • If you have Jira 6.4, upgrade to ScriptRunner for Jira version 4.1.3.29
      • If you have Jira 6.3.10 to Jira 6.3.15 inclusive, upgrade to ScriptRunner for Jira version 4.1.3.28
      • If you have Jira 6.3.0 to 6.3.9 inclusive, upgrade to ScriptRunner for Jira version 4.1.3.27

        Attachments

          Structure

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              jmort Jon Mort
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Structure Helper Panel