Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Atlassian Jira Incorrect Authorization Vulnerability - CVE-2020-36238 - Vulnerability Database
Atlassian Jira

Atlassian Jira Incorrect Authorization Vulnerability - CVE-2020-36238

Medium
Reference: CVE-2020-36238
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-36238
Title: Atlassian Jira Incorrect Authorization Vulnerability
Overview:

The /rest/api/1.0/render resource in Jira Server and Data Center before version 8.5.13 from version 8.6.0 before version 8.13.5 and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to determine if a username is valid or not via a missing permissions check.