Security Advisory
We wish to advise our customers of a vulnerability in Refined for Jira Server / Data Center. Affected versions are 3.0.0-3.1.3 and 3.2.0-3.2.4 .
Risk Assessment
The vulnerability would allow an attacker to perform an unrestricted file upload. All customers on affected versions are affected.
If you have any questions regarding this, please reach out to us via support.refined.com.
Fixed versions
This issue has been fixed in versions 3.1.4 and 3.2.5. If you are currently on a lower version, we recommend to upgrade to 3.1.4 or 3.2.5. Please note that if you upgrade via UPM, you will get the latest version (3.2.5). To upgrade to 3.1.4 you need to download the JAR file and manually upload it in the UPM.