Improper authorization in Project Administration - Others - CVE-2020-14165

XMLWordPrintable

    • 8.05
    • Severity 2 - Major

      Affected versions of Atlassian Jira Server and Data Center allow remote attackers to obtain information about custom project avatars via an improper authorization vulnerability in the UniversalAvatarResource.getAvatars resource.

      Affected versions:

      • version < 8.9.0

      Fixed versions:

      • 8.9.0

            Assignee:
            Unassigned
            Reporter:
            Security Metrics Bot
            Votes:
            0 Vote for this issue
            Watchers:
            9 Start watching this issue

              Created:
              Updated:
              Resolved: