Loading...

XML

Word

Printable

Type: Public Security Vulnerability
Resolution: Fixed
Priority: Low
Fix Version/s: 4.20.4
Affects Version/s: 4.20.3
Component/s: None
Labels:

CVSS Score:
4.3
CVSS Severity:
Medium

Affected versions of Atlassian Jira Service Management Server and Data Center allow an authenticated attacker who doesn't have permission to access a project to view the names of private projects via an Information Disclosure vulnerability in the /rest/insight/1.0/project/picker endpoint.

Affected versions:

version < 4.20.4

Fixed versions:

4.20.4

Assignee:: Unassigned

Reporter:: Security Metrics Bot

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Created:: 16/Mar/2022 4:08 AM

Updated:: 16/Mar/2022 4:42 AM

Resolved:: 16/Mar/2022 4:42 AM

Details

Description

Attachments

Forms

Activity

People

Dates

Backbone Issue Sync