Affected versions of Atlassian Jira Service Desk Server and Data Center allow remote attackers authenticated as a non-administrator user to view Project Request-Types and Descriptions, via an Information Disclosure vulnerability in the editform request-type-fields resource.
Affected versions:
Fixed versions:
CPE | Name | Operator | Version |
---|---|---|---|
jira service management server and data center | le | 4.8.1 | |
jira service management server and data center | lt | 4.12.0 |