Issue key can be enumerated - Resolve Issue Feature

Security auditing tests performed on a Jira Bug Issue and Project Tracking Software locally running instance shown that the application is succeptible to horizontal privilege elevation attacks within the Resolve Issue feature, accessible through the given address:...

Issue key can be enumerated - Resolve Issue Feature

Security auditing tests performed on a Jira Bug Issue and Project Tracking Software locally running instance shown that the application is succeptible to horizontal privilege elevation attacks within the Resolve Issue feature, accessible through the given address:...

Cross Site Request Forgery - Deleting User's Dashboards

Security auditing tests performed on a Jira Bug Issue and Project Tracking Software locally running instance shown that the application is succeptible to Cross-Site Request Forgery attacks within this URL:...

Cross-Site Request Forgery

Cross-Site Request Forgery Security auditing tests performed on a Jira Bug Issue and Project Tracking Software locally running instance shown that the application is succeptible to Cross-Site Request Forgery attacks within this URL: /jira/plugins/servlet/streamscomments This vulnerability enables...

User Enumeration

Security auditing tests performed on a Jira Bug Issue and Project Tracking Software locally running instance shown that at least two vulnerabilities regarding User Enumeration were found within the software. Case 1: Logged In Whenever a logged user accesses the Url...