Lucene search

CVE-2023-26255

🗓️ 28 Feb 2023 16:09:15Reported by mitreType

cve🔗 web.nvd.nist.gov👁 41 Views🌐 WEB

An unauthenticated path traversal vulnerability in the "STAGIL Navigation for Jira - Menu & Themes" plugin before 2.0.52 allows system file access

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 10
Cvelist	CVE-2023-26255	28 Feb 202300:00	–	cvelist
Nuclei	STAGIL Navigation for Jira Menu & Themes <2.0.52 - Local File Inclusion	16 Mar 202312:25	–	nuclei
Prion	Path traversal	28 Feb 202316:15	–	prion
NVD	CVE-2023-26255	28 Feb 202316:15	–	nvd
GithubExploit	Exploit for Path Traversal in Stagil Stagil Navigation	30 Aug 202323:57	–	githubexploit
GithubExploit	Exploit for Path Traversal in Stagil Stagil Navigation	25 Aug 202321:56	–	githubexploit
GithubExploit	Exploit for Path Traversal in Stagil Stagil Navigation	24 Aug 202301:57	–	githubexploit
GithubExploit	Exploit for Path Traversal in Stagil Stagil Navigation	1 Sep 202300:10	–	githubexploit
Tenable Nessus	Jira Server/Data Center STAGIL Navigation plugin Path Traversal CVE-2023-26255	23 Oct 202300:00	–	nessus
Vulnrichment	CVE-2023-26255	28 Feb 202300:00	–	vulnrichment

Nvd

Node

stagil stagil_navigationRange<2.0.52jira

Source	Link
marketplace	www.marketplace.atlassian.com/apps/1216090/stagil-navigation-for-jira-menus-themes
github	www.github.com/1nters3ct/CVEs/blob/main/CVE-2023-26255.md

Parameter	Position	Path	Description	CWE
fileName	query param	/snjCustomDesignConfig	Unauthenticated path traversal vulnerability in STAGIL Navigation for Jira allowing file system access.	CWE-22

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

28 Feb 2023 16:15Current

7.5High risk

Vulners AI Score7.5

CVSS37.5

EPSS0.91547

SSVC

CWE-22