Improper authorization in Project Administration - Others - CVE-2020-14165

XMLWordPrintable

    • 8.05
    • Severity 2 - Major

      Affected versions of Atlassian Jira Server and Data Center allow remote attackers to obtain information about custom project avatars via an improper authorization vulnerability in the UniversalAvatarResource.getAvatars resource.

      Affected versions:

      • version < 8.9.0

      Fixed versions:

      • 8.9.0

              Assignee:
              Unassigned
              Reporter:
              Security Metrics Bot
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

                Created:
                Updated:
                Resolved: