Atlassian Jira Unauthenticated User Enumeration (CVE-2020-36289)

Binary data jiraCVE-2020-36289userenum.nbin...

Atlassian Jira 8.6.x < 8.13.7 Multiple Vulnerabilities

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.5.15, 8.6.x 8.13.7 or 8.14.x 8.17.0. It is, therefore, affected by multiple vulnerabilities: - A Cross-Site Scripting XSS vulnerability in the CardLayoutConfigTable componen...

Atlassian Jira < 8.5.15 Multiple Vulnerabilities

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.5.15, 8.6.x 8.13.7 or 8.14.x 8.17.0. It is, therefore, affected by multiple vulnerabilities: - A Cross-Site Scripting XSS vulnerability in the CardLayoutConfigTable componen...

Atlassian Jira 8.14.x < 8.17.0 Multiple Vulnerabilities

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.5.15, 8.6.x 8.13.7 or 8.14.x 8.17.0. It is, therefore, affected by multiple vulnerabilities: - A Cross-Site Scripting XSS vulnerability in the CardLayoutConfigTable componen...

CVE-2020-36289

creationtimestamp| type| source ---|---|--- 2021-06-11 12:18:48+00:00| seen| https://t.me/pwnwikizhchannel/633 2021-07-01 11:03:01+00:00| seen| https://t.me/CyberSecurityTechnologies/3732...

Atlassian Jira 信息泄露漏洞（CVE-2020-36289）

...

CVE-2020-36289

Atlassian Jira Server and Data Center is affected by an unauthenticated information-disclosure via the QueryComponentRendererValue!Default.jspa endpoint. Affected versions are before 8.5.13; from 8.6.0 before 8.13.5; and from 8.14.0 before 8.15.1. An unauthenticated attacker can enumerate users a...

CVE-2020-36289

Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the QueryComponentRendererValue!Default.jspa endpoint. The affected versions are before version 8.5.13, from version 8.6.0 before 8.13.5, and...

CVE-2020-36289

Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the QueryComponentRendererValue!Default.jspa endpoint. The affected versions are before version 8.5.13, from version 8.6.0 before 8.13.5, and...

User Enumeration via /QueryComponentRendererValue!Default.jspa endpoint - CVE-2020-36289

Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the QueryComponentRendererValue!Default.jspa endpoint. This vulnerability was discovered by Mikhail Klyuchnikov of Positive Technologies. The...