Atlassian JIRA < 8.5.13 / 8.6.x < 8.13.5 / 8.14.x < 8.15.1 Multiple Vulnerablities

According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is affected by multiple vulnerabilities. - The /rest/api/1.0/render resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from versi...

CVE-2020-36286

The membersOf JQL search function in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to determine if a group exists & members of groups if they are assigned to publicly...

CVE-2020-36286

CVE-2020-36286 affects Atlassian Jira Server and Data Center; information disclosure vulnerability in the membersOf JQL search function allows remote anonymous attackers to determine if a group exists and group memberships when exposed via publicly visible issue fields. Affected versions before f...

CVE-2020-36286

The membersOf JQL search function in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to determine if a group exists & members of groups if they are assigned to publicly...

Atlassian Jira Server and Data Center 安全漏洞

Atlassian JIRA Server and Atlassian JIRA Data Center are both products of Atlassian Australia.Atlassian JIRA Server is a server version of a defect tracking management system. Atlassian JIRA Data Center is the data center version of Atlassian JIRA. Atlassian Jira Server and Data Center have an...