We have received the below vulnerabilities in JIRA Application could you please help on this.
Atlassian Jira Server and Data Center Cross Site Scripting Vulnerability(JRASERVER-70814)
Atlassian Jira Server and Data Center Multiple Vulnerabilities(JRASERVER-70883, JRASERVER-70882,JRASERVER-70881)
Atlassian Jira Server and Data Center Denial of Service Vulnerability(JRASERVER-70808)
Atlassian Jira Server and Data CenterDenial of Service Vulnerability(JRASERVER-70813)
Atlassian Jira Server and Data Center Cross Site Scripting Vulnerability(JRASERVER-70858)
Atlassian Jira Server and Data Center Information Disclosure Vulnerability(JRASERVER-70942)
Atlassian Jira Server and Data Center Cross-Site Scripting Vulnerability(JRASERVER-71184)
I see that you are using Jira 7.13.0 and have concerns about those security issues noted in those tickets. Nic is correct, you will need to upgrade Jira to a version at or above those listed fix versions in each of those bug tickets in order to prevent these vulnerabilities being exploited in Jira.
I looked at the fix versions of each of those bugs and right now I would recommend installing the latest 8.13.x version, as this is the current Enterprise release version. As of today that would be 8.13.1. There might be other acceptable versions that contain all these fixes, however this being an enterprise release means it is far more likely to keep getting critical bug fixes throughout it's two year life-span as outlined in our Support End of Life policy.
If you have not upgraded Jira before, I would recommend walking though our guide in Upgrading Jira applications for reference.
Let me know if you have any questions or concerns here.
Hey there Cloud Community members! We’re excited to give you the first glimpse of the new home for business teams on Jira — Jira Work Management. Jira Work Management is the next generation of J...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event