Atlassian Jira 7.7.0 < 7.13.9 Information Disclosure In Comment Restriction Feature

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.5.0. It is, therefore, affected by a vulnerability which permits remote attackers to view sensitive information via an Information Disclosure vulnerability in the comment...

Atlassian Jira < 7.6.17 / 7.7.x < 7.13.9 / 8.0.x < 8.4.2 Information Disclosure

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 7.6.17, or 7.7.x prior to 7.13.9, or version 8.0.x prior to 8.4.2. It is, therefore, affected by a Information Disclosure vulnerability. - A remote attackers to view sensitive...

Information disclosure

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view sensitive information via an Information Disclosure vulnerability in the comment restriction feature. The affected versions are before version 7.6.17, from version 7.7.0 before 7.13.9, and from version 8.0.0...

CVE-2019-20412

The Convert Sub-Task to Issue page in affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate the following information via an Improper Authentication vulnerability: Workflow names; Project Key, if it is part of the workflow name; Issue Keys; Issue Types;...

Atlassian JIRA < 7.13.9 / 8.x < 8.3.3 XSS (JRASERVER-69790)

According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is prior to 7.13.9, or 8.x prior to 8.3.3 / 8.4.0. It is, therefore, affected by a cross-site scripting XSS vulnerability. The vulnerability exists in the FilterPickerPopup.jspa resource...