Details
-
Bug
-
Resolution: Fixed
-
Low
-
8.5.1
-
8.05
-
Severity 2 - Major
-
Description
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to obtain information about custom project avatars via an improper authorization vulnerability in the UniversalAvatarResource.getAvatars resource.
Affected versions:
- version < 8.9.0
Fixed versions:
- 8.9.0