Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2021/07/02 12:0 a.m.45 views

Atlassian Jira < 8.5.13 Multiple Vulnerabilities

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.5.13, 8.6.x 8.13.5 or 8.14.x 8.15.1. It is, therefore, affected by multiple vulnerabilities: - An information disclosure vulnerability allowing remote anonymous attackers to...

5.3CVSS4.6AI score0.01591EPSS
Exploits0References6
Cvelist
Cvelist
added 2021/04/01 3:10 a.m.36 views

CVE-2020-36286

The membersOf JQL search function in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to determine if a group exists & members of groups if they are assigned to publicly...

5.1AI score0.0141EPSS
Exploits0References1
CVE
CVE
added 2021/04/01 3:10 a.m.110 views

CVE-2020-36286

CVE-2020-36286 affects Atlassian Jira Server and Data Center; information disclosure vulnerability in the membersOf JQL search function allows remote anonymous attackers to determine if a group exists and group memberships when exposed via publicly visible issue fields. Affected versions before f...

5.3CVSS5.1AI score0.0141EPSS
Exploits0References1Affected Software4
Atlassian
Atlassian
added 2021/03/31 6:19 a.m.115 views

Information Disclosure using JQL function membersOf - CVE-2020-36286

The membersOf JQL search function in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to determine if a group exists & members of groups if they are assigned to a publicly...

5.3CVSS3.9AI score0.0141EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2021/03/31 6:19 a.m.35 views

Information Disclosure using JQL function membersOf - CVE-2020-36286

The membersOf JQL search function in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to determine if a group exists & members of groups if they are assigned to a publicly...

5.3CVSS5.3AI score0.0141EPSS
Exploits0
Rows per page
Query Builder