Vulnerabilities > CVE-2020-14189 - Unspecified vulnerability in Atlassian Jira Comment
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The execute function in in the Atlassian gajira-comment GitHub Action before version 2.0.2 allows remote attackers to execute arbitrary code in the context of a GitHub runner by creating a specially crafted GitHub issue comment.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |