Released on .
Compatible with JIRA 7.X and later.
If manually downloading the archive from the Atlassian Marketplace, please make sure to download the version that is compatible with your Jira. Version 6.7.2-jira7 is compatible with Jira 7 only and version 6.7.2 is compatible with Jira 8.x and later.
This version of TM4J Test Management for Jira Server and Data Center addresses a critical security vulnerability that was recently identified in TM4J. The vulnerability affects all versions of TM4J prior to 6.7.2.
The vulnerability means that files and network resources (such as http) were accessible to the Jira server via an XML external entity (XXE) flaw. In order to exploit this flaw users must be logged into Jira and have permissions to view a project that has TM4J enabled.
If you have any questions, please feel free to raise a support request at https://productsupport.adaptavist.com/servicedesk/customer/portal/27/create/163 referencing JQA-7984.