2 matches found
Atlassian JIRA Information Disclosure Vulnerability (JRASERVER-69797)
According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is prior to 7.13.4 or 8.0.x prior to 8.2.2. It is, therefore, affected by an information disclosure vulnerability in its login.jsp component due to insufficent validation of user input. A...
CVE-2019-8448
CVE-2019-8448 affects Atlassian Jira Server: the login.jsp component in Jira versions prior to 7.13.4 and 8.0.x prior to 8.2.2 is exploitable via insufficient validation, allowing an unauthenticated remote attacker to enumerate usernames. This is an information-disclosure vulnerability. The cited...