4 matches found
Atlassian JIRA worklog Information Disclosure
According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is prior to 7.3.17, or 8.0.x prior to 8.3.2. It is, therefore, affected by an information disclosure vulnerability. An authenticated, remote attacker can exploit this to disclose...
CVE-2019-8445
CVE-2019-8445 is an Atlassian Jira worklog information disclosure vulnerability. TALOS reports that Jira versions 7.6.4 through 8.1.0 are affected and that authenticated users can view worklog details via the REST endpoint /rest/api/2/worklog/list due to a missing permissions check. The vulnerabi...
Missing permission check in several worklog rest resources - CVE-2019-8445
Several worklog rest resources in Jira before version 7.13.7, and from version 8.0.0 before version 8.3.2 allow remote attackers to view worklog time information via a missing permissions check...
Missing permission check in several worklog rest resources - CVE-2019-8445
Several worklog rest resources in Jira before version 7.13.7, and from version 8.0.0 before version 8.3.2 allow remote attackers to view worklog time information via a missing permissions check...