exploitDog

GHSA-4f97-4vq5-662m

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

The /rest/api/1.0/render resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to determine if a username is valid or not via a missing permissions check.

The /rest/api/1.0/render resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to determine if a username is valid or not via a missing permissions check.

Ссылки

EPSS

Процентиль: 73%

0.00791

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-862

CWE-863

Связанные уязвимости

CVE-2020-36238

CVSS3: 5.3

nvd

около 4 лет назад

The /rest/api/1.0/render resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to determine if a username is valid or not via a missing permissions check.

EPSS

Процентиль: 73%

0.00791

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-862

CWE-863