36 matches found
PT-2022-26689 · Atlassian · Netic User Export +1
Name of the Vulnerable Software and Affected Versions: Netic User Export add-on for Atlassian Confluence versions prior to 1.3.5 Description: The issue allows an HTTP request to download any file on the system, including sensitive files like SSH private keys, due to the fileName parameter accepti...
Atlassian Confluence 安全漏洞
Atlassian Confluence is a suite of specialized enterprise knowledge management and collaboration software from Atlassian Australia, which can also be used to build enterprise WiKi. A security vulnerability exists in Atlassian Confluence versions prior to 1.3.5 that stems from improper handling of...
CVE-2022-39960
The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexportdownload=true request to a plugins/servlet/groupexportforjira/admin/ URI...
CVE-2022-39960
The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexportdownload=true request to a plugins/servlet/groupexportforjira/admin/ URI...
CVE-2022-39960
The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexportdownload=true request to a plugins/servlet/groupexportforjira/admin/ URI...
Authorization
The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexportdownload=true request to a plugins/servlet/groupexportforjira/admin/ URI...
CVE-2022-39960
The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexportdownload=true request to a plugins/servlet/groupexportforjira/admin/ URI...
CVE-2022-39960
The CVE-2022-39960 issue affects the Netic Group Export add-on for Atlassian Jira, prior to version 1.0.3. The extension does not perform authorization checks, enabling an unauthenticated user to export all groups by calling groupexport_download=true on plugins/servlet/groupexportforjira/admin/. ...
CVE-2022-38367
The Netic User Export add-on before 2.0.6 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all users from Jira by making an HTTP request to the affected endpoint...
CVE-2022-38367
The Netic User Export add-on before 2.0.6 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all users from Jira by making an HTTP request to the affected endpoint...
CVE-2022-38367
The Netic User Export add-on before 2.0.6 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all users from Jira by making an HTTP request to the affected endpoint...
Authorization
The Netic User Export add-on before 2.0.6 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all users from Jira by making an HTTP request to the affected endpoint...
CVE-2022-38367
The Netic User Export add-on before 2.0.6 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all users from Jira by making an HTTP request to the affected endpoint...
CVE-2022-38367
CVE-2022-38367 affects the Netic User Export add-on for Atlassian Jira (pre-2.0.6). The root cause is missing authorization checks on the affected endpoint, enabling an unauthenticated user to export all Jira users via an HTTP request. Impact is explicit in the sources: potential exposure of user...
Atlassian Jira 安全漏洞
Atlassian Jira is a defect tracking management system from Atlassian Australia. The system is mainly used to track and manage various types of issues and defects in the workplace. A security vulnerability exists in Atlassian Jira versions prior to 2.0.6 that stems from the Netic User Export plugi...
PT-2022-24389 · Atlassian · Netic User Export +1
Name of the Vulnerable Software and Affected Versions: Netic User Export add-on for Atlassian Jira versions prior to 2.0.6 Description: The issue is related to the lack of authorization checks in the Netic User Export add-on. This might allow an unauthenticated user to export all users from Jira ...