Loading...

Log In
Closed

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: High
Fix Version/s: 8.20.21, 9.4.4, 9.5.1, 9.6.0
Affects Version/s: 8.20.18, 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0
Component/s: Security
Labels:

Introduced in Version:
8.2
CVSS Score:
7.5
Symptom Severity:
Severity 2 - Major

Affected versions of Atlassian Jira Server and Data Centre allowed an unauthenticated remote attacker to fetch Issue,Project and Sprint information via Information Disclosure Vulnerability via "/secure/QueryComponentRendererValue!Default.jspa" endpoint.

Affected versions:

version < 9.5.1

Fixed versions:

8.20.21 and newer
9.4.4 and newer
9.5.1 and newer
9.6.0 and newer

mentioned in: Page Loading...; Page Loading...; Page Loading...

Assignee:: Unassigned
Reporter:: Security Metrics Bot
Votes:: 0 Vote for this issue
Watchers:: 43 Start watching this issue

Created:: 03/Feb/2023 5:50 AM
Updated:: 25/Feb/2025 11:30 AM
Resolved:: 21/Feb/2023 9:42 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates