-
Bug
-
Resolution: Fixed
-
High
-
8.20.18, 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0
-
8.2
-
7.5
-
Severity 2 - Major
-
Affected versions of Atlassian Jira Server and Data Centre allowed an unauthenticated remote attacker to fetch Issue,Project and Sprint information via Information Disclosure Vulnerability via "/secure/QueryComponentRendererValue!Default.jspa" endpoint.
Affected versions:
- version < 9.5.1
Fixed versions:
- 8.20.21 and newer
- 9.4.4 and newer
- 9.5.1 and newer
- 9.6.0 and newer