3 matches found
CVE-2022-36800
Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers without the "Browse Users" permission to view groups via an Information Disclosure vulnerability in the browsegroups.action endpoint. The affected versions are before version 4.22.2...
CVE-2022-36800
Atlassian Jira Service Management Server/Data Center is affected by CVE-2022-36800 through an Information Disclosure in the browsegroups.action endpoint. Affected versions are prior to 4.22.2 (per NVD/NVD-derived records). Root cause is insufficient access validation that allows remote attackers ...
User without "Browse Users" permission can view groups - CVE-2022-36800
Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers without the "Browse Users" permission to view groups via an Information Disclosure vulnerability in the browsegroups.action endpoint. The affected versions are before version 4.22.2. Affected...