
Sensitive data exposure via /secure/QueryComponent!Default.jspa endpoint - CVE-2020-14179


    Details

      Description

      Issue Summary

      Jira Cloud allows remote, unauthenticated attackers to view custom field names and custom SLA names via an Information Disclosure vulnerability in the /secure/QueryComponent!Default.jspa endpoint.

      Steps to Reproduce

      1. Access the Jira Cloud URL https://hostname.atlassian.net/secure/QueryComponent!Default.jspa as an anonymous user, without logging in.

      Expected Results

      The endpoint should not expose custom field names etc.

      Actual Results

      It shows custom field names and custom SLA names.

      Update

      We have tested this issue in Jira Cloud and have found that the issue described in the ticket is not reproducible. If an unauthorised user tries to access the URL, the user can see default Jira fields, which are the same for any instance, not custom fields. Thus no sensitive information gets exposed, and we have closed this ticket.

      People

      Assignee:
      Unassigned
      Reporter:
      vvisanakarrala Veera (Inactive)
      Votes:
      0
      Watchers:
      16