Synopsis
The remote web server hosts an application that is vulnerable to a directory traversal attack vector.
Description
The version of JIRA installed on the remote host is earlier than 6.0.4 and is affected by a flaw in the Issue Collector plugin within 'rest/TemporaryAttachmentsResource.java' that allows traversing outside of a restricted path. The issue is due to the 'filename' POST parameter not being properly sanitized, specifically allowing path traversal style attacks (e.g. '../'). With a specially crafted request, a remote attacker can write files to arbitrary locations on the system.
Solution
Update to JIRA 6.0.x version 6.0.4 or later.
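
The class of flaw in the Description, as an added example (not Atlassian's code and not the actual 6.0.4 fix): a client-supplied filename joined to a base directory unchecked, next to a version that keeps only the final path component and verifies containment. The class, method and directory names are hypothetical.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;

// Added illustration; class and method names are hypothetical.
public class AttachmentPathCheck {

    // Unsafe pattern: the client-supplied name is joined to the base directory
    // as-is, so "../" segments can move the target outside of it.
    static Path resolveUnchecked(Path baseDir, String filename) {
        return baseDir.resolve(filename).normalize();
    }

    // Hardened pattern: keep only the final path component, then confirm the
    // normalized result is still strictly inside the base directory.
    static Path resolveChecked(Path baseDir, String filename) throws IOException {
        if (filename == null || filename.isEmpty() || filename.indexOf('\0') >= 0) {
            throw new IOException("invalid filename");
        }
        // Treat both '/' and '\' as separators regardless of the host OS.
        String leaf = filename.replace('\\', '/');
        leaf = leaf.substring(leaf.lastIndexOf('/') + 1);
        if (leaf.isEmpty() || leaf.equals(".") || leaf.equals("..")) {
            throw new IOException("invalid filename");
        }
        Path base = baseDir.toAbsolutePath().normalize();
        Path target = base.resolve(leaf).normalize();
        if (!target.startsWith(base) || target.equals(base)) {
            throw new IOException("filename escapes attachment directory");
        }
        return target;
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample directory and filenames.
        Path base = Files.createTempDirectory("tmp-attachments").toAbsolutePath().normalize();
        String[] samples = { "report.txt", "../../outside.txt", "..\\..\\outside.txt", ".." };
        for (String name : samples) {
            boolean inside = resolveUnchecked(base, name).startsWith(base);
            System.out.println(name + " | unchecked result inside base: " + inside);
            try {
                System.out.println("  checked -> " + resolveChecked(base, name));
            } catch (IOException e) {
                System.out.println("  checked -> rejected: " + e.getMessage());
            }
        }
    }
}
```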