Security Advisory

CVE-2021-26086

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-08-16 00:15:09

Last updated 2025-10-21 23:25:37

Assigner atlassian

State PUBLISHED

Description

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to read particular files via a path traversal vulnerability in the /WEB-INF/web.xml endpoint. The affected versions are before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.16.1.

← Browse all CVEs View on cve.org ↗