Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Low
Fix Version/s: 4.8.1
Affects Version/s: 4.8.0
Component/s: Server administration
Labels:

Symptom Severity:
Severity 3 - Minor
Bug Fix Policy:
View Atlassian Server bug fix policy

The /plugins/servlet/jira-blockers/ resource in the crucible-jira-ril plugin in Atlassian Fisheye and Crucible before version 4.8.1 allows remote attackers to get the ID of configured Jira application links via an information disclosure vulnerability.

is related to

CRUC-8469 Information disclosure in the /plugins/servlet/jira-blockers/ resource in the crucible-jira-ril plugin - CVE-2020-4016

Closed

Assignee:: Unassigned

Reporter:: Security Metrics Bot

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Created:: 16/Apr/2020 7:38 PM

Updated:: 09/Nov/2023 9:44 AM

Resolved:: 17/Apr/2020 2:41 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates