CVE-2015-8481

Name of the Vulnerable Software and Affected Versions Atlassian JIRA Software version 7.0.3 Atlassian JIRA Core version 7.0.3 Atlassian JIRA Service Desk version 3.0.3

Description The issue allows remote attackers to potentially obtain sensitive information by updating a different issue that includes wiki markup for an external image reference, when a user views an issue with inline wiki markup referencing an image attachment. This occurs because the wrong image is attached to e-mail notifications.

Recommendations For Atlassian JIRA Software version 7.0.3, update to a version that fixes the issue of attaching the wrong image to e-mail notifications. For Atlassian JIRA Core version 7.0.3, update to a version that fixes the issue of attaching the wrong image to e-mail notifications. For Atlassian JIRA Service Desk version 3.0.3, update to a version that fixes the issue of attaching the wrong image to e-mail notifications.