Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Atlassian Jira Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2020-36289 - Vulnerability Database
Atlassian Jira

Atlassian Jira Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2020-36289

Medium
Reference: CVE-2020-36289
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-36289
Title: Atlassian Jira Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the QueryComponentRendererValueDefault.jspa endpoint. The affected versions are before version 8.5.13 from version 8.6.0 before 8.13.5 and from version 8.14.0 before 8.15.1.