2 matches found
Atlassian JIRA < 8.4.0 Multiple Vulnerabilities
According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is prior to prior to 8.4.0. It is, therefore, affected by multiple vulnerabilities: - An authorization bypass vulnerability exists in the /rest/issueNav/1/issueTable resource as well as t...
CVE-2019-14997
CVE-2019-14997 affects Jira AccessLogFilter, enabling remote anonymous attackers to learn details about other users (including usernames) via an information disclosure through caching when Jira is behind a reverse proxy/load balancer with caching or a CDN. Affected software is Jira before version...