3 matches found
The vulnerability of the “/ViewUserHover.jspa” component in the Jira bug tracking system allows a hacker to expose user credentials.
The vulnerability of the “/ViewUserHover.jspa” component of the Jira bug tracking system is related to the storage of user account information in an open manner. Exploiting this vulnerability could allow a malicious actor to access and disclose user account information remotely...
User Enumeration via /ViewUserHover.jspa - CVE-2020-14181
Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the /ViewUserHover.jspa endpoint. This vulnerability was discovered by Mikhail Klyuchnikov of Positive Technologies. Affected versions: versio...
CVE-2020-14181
Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the /ViewUserHover.jspa endpoint. The affected versions are before version 7.13.6, from version 8.0.0 before 8.5.7, and from version 8.6.0...