cvedb.io
CVE-2017-5983
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2017-04-10T15:59:00.457 · Last modified 2026-06-17T01:21:33.830

Summary

The JIRA Workflow Designer Plugin in Atlassian JIRA Server before 6.3.0 improperly uses an XML parser and deserializer, which allows remote attackers to execute arbitrary code, read arbitrary files, or cause a denial of service via a crafted serialized Java object.

Affected products

atlassian — jira

Does this affect you?

Add your gear to cvedb and we'll alert you only when atlassian ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.