Paulo Miguel

**Name of the Vulnerable Software and Affected Versions** Atlassian JIRA Software version 7.0.3 Atlassian JIRA Core version 7.0.3 Atlassian JIRA Service Desk version 3.0.3 **Description** The issue allows remote attackers to potentially obtain sensitive information by updating a different issue that includes wiki markup for an external image reference, when a user views an issue with inline wiki markup referencing an image attachment. This occurs because the wrong image is attached to e-mail notifications. **Recommendations** For Atlassian JIRA Software version 7.0.3, update to a version that fixes the issue of attaching the wrong image to e-mail notifications. For Atlassian JIRA Core version 7.0.3, update to a version that fixes the issue of attaching the wrong image to e-mail notifications. For Atlassian JIRA Service Desk version 3.0.3, update to a version that fixes the issue of attaching the wrong image to e-mail notifications.