Uploaded image for project: 'Jira Server and Data Center'
  1. Jira Server and Data Center
  2. JRASERVER-71185

Improper authorization in Project Administration - Others - CVE-2020-14165

    XMLWordPrintable

    Details

      Description

      Affected versions of Atlassian Jira Server and Data Center allow remote attackers to obtain information about custom project avatars via an improper authorization vulnerability in the UniversalAvatarResource.getAvatars resource.

      Affected versions:

      • version < 8.9.0

      Fixed versions:

      • 8.9.0

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              security-metrics-bot Security Metrics Bot
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Due:
                Created:
                Updated:
                Resolved: