Loading...

XML

Word

Printable

Details

Type: Public Security Vulnerability
Resolution: Fixed
Priority: Low
Fix Version/s: 8.15.0
Affects Version/s: 8.5.0, 8.13.0
Component/s: None
Labels:

CVSS Score:
5
CVSS Severity:
Medium
CVE ID:
CVE-2020-36237

Description

Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view custom field options via an Information Disclosure vulnerability in the /rest/api/2/customFieldOption/ endpoint.

The affected versions are before version 8.15.0.

Affected versions:

version < 8.15.0

Fixed versions:

8.15.0

Attachments

Issue Links

is related to: JSEC-122 Loading...

mentioned in: Page Loading...

Activity

People

Assignee:: Unassigned

Reporter:: Security Metrics Bot

Votes:: 0 Vote for this issue

Watchers:: 19 Start watching this issue

Dates

Created:: 04/Feb/2021 1:15 AM

Updated:: 25/Oct/2021 10:16 PM

Resolved:: 04/Feb/2021 1:32 AM