Security for everyone

CVE-2023-26255 Scanner

Detects 'Path Traversal' vulnerability in STAGIL Navigation plugin for Jira affects v. before 2.0.52.


Short Info




Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one


Parent Category

CVE-2023-26255 Scanner Detail

STAGIL Navigation for Jira - Menu & Themes is a plugin used to customize the menu and user interface themes of the Jira software. This plugin is particularly useful for organizations that have customized their Jira installations and need to maintain a consistent design throughout the application. It enables administrators to add or remove menu items and customize the look and feel of the interface without needing any programming experience. 

CVE-2023-26255 is a severe security flaw detected in the STAGIL Navigation plugin before version 2.0.52. It is an unauthenticated path traversal vulnerability that can be exploited by an attacker to read sensitive files. By injecting a specially crafted filename parameter to the snjCustomDesignConfig endpoint, an attacker can traverse the file system and read any files that the Jira application's user account has access to. 

Exploiting the CVE-2023-26255 vulnerability can result in a range of consequences depending on the files accessed. If sensitive data such as user credentials, financial records, or sensitive company information is accessed, it can lead to severe data breaches and reputational damage. Attackers can also potentially use this vulnerability to gain access to other systems and escalate their attack. 

Thanks to the pro features of the platform, individuals and organizations can easily and quickly learn about vulnerabilities in their digital assets. The platform offers comprehensive vulnerability scanning, threat detection, and remediation services, enabling users to maintain the security and integrity of their digital assets. With its cutting-edge technology and advanced security features, is the ideal solution for preventing and mitigating cybersecurity threats.



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture