Security Advisory 2021-07-21

Owned by Johannes Laatu (Deactivated)
Last updated: May 11, 2023 by Madzy Soetman
1 min read

We wish to advise our customers of a vulnerability in Refined for Jira Server / Data Center. Affected versions are 3.0.0-3.1.3 and 3.2.0-3.2.4 .

Risk Assessment

The vulnerability would allow an attacker to perform an unrestricted file upload. If you have any questions, please reach out to us.

Fixed versions

This issue has been fixed in versions 3.1.4 and 3.2.5. If you are currently on a lower version, we recommend to upgrade to 3.1.4 or 3.2.5. Please note that if you upgrade via UPM, you will get the latest version (3.2.5). To upgrade to 3.1.4 you need to download the JAR file and manually upload it in the UPM.