High severity7.2NVD Advisory· Published Sep 19, 2019· Updated Jun 17, 2026
CVE-2019-15001
CVE-2019-15001
Description
The Jira Importers Plugin in Atlassian Jira Server and Data Cente from version with 7.0.10 before 7.6.16, from 7.7.0 before 7.13.8, from 8.0.0 before 8.1.3, from 8.2.0 before 8.2.5, from 8.3.0 before 8.3.4 and from 8.4.0 before 8.4.1 allows remote attackers with Administrator permissions to gain remote code execution via a template injection vulnerability through the use of a crafted PUT request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: 7.0.10 < 7.6.16, 7.7.0 < 7.13.8, 8.0.0 < 8.1.3, 8.2.0 < 8.2.5, 8.3.0 < 8.3.4, 8.4.0 < 8.4.1
- Range: 7.0.10
- Range: 7.0.10
Patches
Vulnerability mechanics
References
3- packetstormsecurity.com/files/154611/Jira-Server-Data-Center-Template-Injection.htmlnvdThird Party AdvisoryVDB Entry
- jira.atlassian.com/browse/JRASERVER-69933nvdRelease NotesVendor Advisory
- seclists.org/bugtraq/2019/Sep/42nvdMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.