Atlassian Service Management Update Version Jira Software 11.3.0

Views
2

Your rating
Rate update installation process

Log in to rate this update.
Login

Risk factor
No ratings yet. Be the first to rate this update.

Smooth installs 0%
Minor issues 0%
Major issues 0%

Update Summary

Jira Software 11.3.0 was released on 2025-12-03. It addresses multiple security vulnerabilities, includes several bug fixes, and notes a known issue: JSWSERVER-26624.

Update Details

Security

  • Fixed a DoS vulnerability in the glob-parent dependency (JSWSERVER-26730).
  • Fixed a DoS vulnerability in the ua-parser-js dependency (JSWSERVER-26714).
  • Fixed an XSS vulnerability in the dompurify dependency (JSWSERVER-26665).
  • Fixed injection vulnerabilities in the sha.js and cipher-base dependencies (JSWSERVER-26662, JSWSERVER-26661).
  • Fixed an RCE vulnerability in Jira Software Data Center and Server (JSWSERVER-26635).
  • Fixed XXE vulnerabilities in Jira Software Data Center and Server, including the Tika dependency (JSWSERVER-26634, JSWSERVER-26630).
  • Fixed a prototype pollution vulnerability in the zrender dependency (JSWSERVER-26625).
  • Fixed a DoS vulnerability in the axios dependency (JSWSERVER-26620).

Bug Fixes

  • Disabling the HTML renderer in field descriptions no longer breaks descriptions for fields such as Team and Parent link.
  • Team field values for subtasks are no longer stored in the entity_property table.
  • The "Webhook not installed" warning is no longer shown in Jira 10.3.x when DVCS is working.
  • Fixed invalid use of RequestCache by the jira-stats thread.
  • Autoscheduling plans after switching to the new interface no longer throws NumberFormatException.
  • Unmapping a status from board columns no longer affects reporting for all issues that ever had that status.
  • Reports now show correct data after workflow changes.
  • Menu items are visible again in the Export and Tools dropdown after uploading a new logo.
  • Attachment drag-and-drop no longer causes screen flicker in Chrome 142.0.7444.135.
  • Webhook payload generation is faster due to caching in comment serialization.

Known Issues

  • Known issue JSWSERVER-26624 may affect upgrades.

Hints

  • Review the known issue JSWSERVER-26624 before upgrading.
  • Release notes indicate this version was released on 2025-12-03.
Product Information

Vendor: Atlassian

Product: Service Management

Version: Jira Software 11.3.0

Release date: Dec 3, 2025

View All Updates