
Tuo4N8

Researcher from RedTeam@VNG Corporation
#28197 of 53,634
9 Total CVSS
Vulnerabilities · 1
PT-2022-11947
9.0
2022-01-06
Atlassian · Jira · CVE-2021-43947
**Name of the Vulnerable Software and Affected Versions**
Atlassian Jira Server and Data Center versions prior to 8.13.15, and versions 8.14.0 through 8.20.3.

**Description**
The issue allows remote attackers with administrator privileges to execute arbitrary code via a Remote Code Execution (RCE) vulnerability in the Email Templates feature. This problem bypasses the fix of https://jira.atlassian.com/browse/JSDSERVER-8665.

**Recommendations**
For versions prior to 8.13.15, and versions 8.14.0 through 8.20.3, update to a version that contains the fix for this issue. As a temporary workaround, consider disabling the Email Templates feature until a patch is available. Restrict access to the Email Templates feature to minimize the risk of exploitation.