4 matches found
CVE-2019-16906
creationtimestamp| type| source ---|---|--- 2024-02-01 13:36:41+00:00| seen| https://t.me/ctinow/177563...
CVE-2019-16906
An issue was discovered in the Infosysta "In-App & Desktop Notifications" app 1.6.13J8 for Jira. By using plugins/servlet/nfj/PushNotification?username= with a modified username, a different user's notifications can be read without authentication/authorization. These notifications are then no...
CVE-2019-16906
CVE-2019-16906 concerns Infosysta In-App & Desktop Notifications for Jira (v1.6.13_J8). Affected component is the PushNotification functionality exposed via plugins/servlet/nfj/PushNotification?username=, allowing an attacker to read another user’s notifications without authentication/authorizati...
Infosysta Jira 1.6.13_J8 Push Notification Authentication Bypass
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2019-041 Product: In-App & Desktop Notification for Jira Manufacturer: Infosysta Affected Versions: 1.6.13J8 Tested Versions: 1.6.13J8 Vulnerability Type: Authentication/Authorization Bypass Risk Level: High Solution Status: Closed...