3 matches found
CVE-2019-16908
An issue was discovered in the Infosysta "In-App & Desktop Notifications" app before 1.6.14J8 for Jira. It is possible to obtain a list of all Jira projects without authentication/authorization via the plugins/servlet/nfj/ProjectFilter?searchQuery= URI...
CVE-2019-16908
CVE-2019-16908 affects Infosysta In-App & Desktop Notifications for Jira (before 1.6.14_J8). The vulnerability allows an unauthenticated user to obtain a list of all Jira projects via plugins/servlet/nfj/ProjectFilter?searchQuery=, due to an authorization check bypass in the plugin. Impact is inf...
Infosysta Jira 1.6.13_J8 Project List Authentication Bypass
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2019-042 Product: In-App & Desktop Notification for Jira Manufacturer: Infosysta Affected Versions: 1.6.13J8 Tested Versions: 1.6.13J8 Vulnerability Type: Authentication/Authorization Bypass Risk Level: Medium Solution Status: Clos...