Atlassian Jira Software Data Center and Server Path Traversal Vulnerability Allowing Arbitrary Write

Vulnerability

A high-severity path traversal vulnerability allowing arbitrary write has been identified in Jira Software Data Center and Server. This vulnerability affects versions 9.12.0, 10.3.0, and 11.0.0. It allows an attacker to modify any filesystem path that is writable by the Jira JVM process.

Impact

Exploitation of this vulnerability could lead to unauthorized modification of files in the filesystem, potentially allowing for further attacks or disruption of service.

Remediation

Users are advised to upgrade to the latest version of Jira Software Data Center and Server. If upgrading to the latest version is not immediately possible, users can instead upgrade to one of the supported fixed versions: 9.12.28, 10.3.12, or 11.1.0.

Added: Oct 22, 2025, 1:17 AM
Updated: Oct 22, 2025, 1:17 AM

Vulnerability Rating

Custom Algorithm
spread: 1.4
impact: 0.6
exploitability: 4.9
remediation: 7.7
relevance: 0.8
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.