Description
The way in which velocity templates were used in Atlassian Jira Server and Data Center prior to version 8.8.0 allowed remote attackers to gain remote code execution if they were able to exploit a server side template injection vulnerability.
Remediation
References
Related Vulnerabilities
WordPress 4.2.x Cross-Site Scripting Vulnerability (4.2 - 4.2.5)
Apache Traffic Server CVE-2023-41752 Vulnerability (CVE-2023-41752)
MongoDb Reachable Assertion Vulnerability (CVE-2022-24272)
WordPress Plugin Custom Fields Search by BestWebSoft Cross-Site Scripting (1.3.1)
WordPress Plugin SnapApp Multiple Cross-Site Scripting Vulnerabilities (1.5)