Information disclosure

2020-06-0107:15:00

PRIOn knowledge base

www.prio-n.com

4.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.3%

JSON

The /json/fe/activeUserFinder.do resource in Altassian Fisheye and Crucible before version 4.8.1 allows remote attackers to view user user email addresses via a information disclosure vulnerability.

CPENameOperatorVersion
cruciblelt4.8.1
fisheyelt4.8.1

CPE	Name	Operator	Version
	crucible	lt	4.8.1
	fisheye	lt	4.8.1

References

jira.atlassian.com/browse/CRUC-8468

jira.atlassian.com/browse/FE-7284