exploitDog

GHSA-cqfw-25xq-3wvj

Опубликовано: 18 сент. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexport_download=true request to a plugins/servlet/groupexportforjira/admin/ URI.

The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexport_download=true request to a plugins/servlet/groupexportforjira/admin/ URI.

Ссылки

EPSS

Процентиль: 99%

0.7815

Высокий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-862

Связанные уязвимости

CVE-2022-39960

CVSS3: 5.3

nvd

больше 3 лет назад

The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexport_download=true request to a plugins/servlet/groupexportforjira/admin/ URI.

EPSS

Процентиль: 99%

0.7815

Высокий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-862