Описание
Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers without the "Browse Users" permission to view groups via an Information Disclosure vulnerability in the browsegroups.action endpoint. The affected versions are before version 4.22.2.
Ссылки
- Issue TrackingVendor Advisory
- Issue TrackingVendor Advisory
Уязвимые конфигурации
Одно из
EPSS
4.3 Medium
CVSS3
Дефекты
Связанные уязвимости
Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers without the "Browse Users" permission to view groups via an Information Disclosure vulnerability in the browsegroups.action endpoint. The affected versions are before version 4.22.2.
Уязвимость мобильного плагина центра для обработки данных Atlassian Jira Service Management Server and Data Center, позволяющая нарушителю осуществить SSRF-атаку
EPSS
4.3 Medium
CVSS3