2 matches found
CVE-2019-20404
The CVE-2019-20404 vulnerability affects Atlassian Jira Server/Data Center prior to version 8.6.0. It is an information-disclosure issue caused by improper authorization, enabling authenticated remote attackers to enumerate project titles they should not access. The issue is confirmed by multiple...
Improper authorization on project titles vulnerability in Jira - CVE-2019-20404
The API in Atlassian Jira Server and Data Center before version 8.6.0 allows authenticated remote attackers to determine project titles they do not have access to via an improper authorization vulnerability. h3. Note on fix The fix was tested internally before backporting it and no issues were...