PT-2020-13922 · Atlassian · Automation For Jira

David Black · Published 2020-11-30 · Updated 2022-02-01

CVE-2020-14193

CVSS v2.0: 5.5 (Medium)

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions

Automation for Jira - Server versions prior to 7.1.15

Description

The issue allows remote attackers to read files inside the WEB-INF/classes and jira-installation/jira/bin directories and render them as mustache templates, via a template injection vulnerability in Jira smart values using mustache partials.

Recommendations

For versions prior to 7.1.15, update to version 7.1.15 or later to resolve the issue. As a temporary workaround, consider restricting access to the mustache template functionality in Jira smart values to minimize the risk of exploitation.

Fix

Special Elements Injection

Weakness Enumeration

Related Identifiers

CVE-2020-14193

Affected Products

Automation For Jira