Versions Compared

Old Version 2

changes.mady.by.user Paulo Alves

Saved on

compared with

New Version Current

changes.mady.by.user Diamantino Campos

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Note
We recommend the update of Xporter Xray Test Management for Jira Server & Data Center to the 6the 6.1.2.1 - latest version.

...

Xray Test Management for Jira Server and Data Center - Remote Code Execution on

...

Document Generator

Summary

Remote Code Execution on

Templates export

Document Generator

Advisory Release Date

 10:00 AM CET 

Product
Xporter

Xray Test Management for Jira Server & Data Center

Affected on

Xporter

Xray Test Management for Jira Server & Jira Data Center Versions

  • 6.1.2 and earlier

Fixed on

Xporter Jira

Xray Test Management Jira Server & Jira Data Center Versions

  • 6.1.2.1 and later

Summary of Vulnerability

This advisory discloses a security vulnerability classified as critical that was present in Xporter Xray Test Management for Jira Server & Data Center. Versions of Jira Server & Data Center affected by this vulnerability:

...

Customers who have upgraded Xporter Xray Test Management for Jira Server & Data Center to version 6.1.2.1 or higher are not affected.

Customers who are on any of the affected versions, upgrade your Xporter Xray Test Management for Jira Server & Data Center installations immediately to fix this vulnerability.

...

We detected a Remote Code Execution vulnerability on the Template exportsDocument Generator.

The issue can be tracked here: 

Jira
serverXpand IT Issue Tracker
serverIdb6309ad5-5416-33d6-9a09-a3e02f20d3e6
keyXRAY-8413


Fix

We have released Xporter Xray for Jira Server & DC version version 6.1.2.1 which is available for upgrade through the Atlassian Marketplace.

...

You can upgrade to the latest version of Xporter Xray for Jira Server & Data Center using the Universal Plugin Manager as explained in Updating apps

...