Loading...

XML

Word

Printable

Type: Public Security Vulnerability
Resolution: Fixed
Priority: Low
Fix Version/s: 4.22.2
Affects Version/s: 4.22.1
Component/s: None
Labels:

CVSS Score:
3.5
CVSS Severity:
Medium
CVE ID:
CVE-2022-36800

Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers without the "Browse Users" permission to view groups via an Information Disclosure vulnerability in the browsegroups.action endpoint.

The affected versions are before version 4.22.2.

Affected versions:

version < 4.22.2

Fixed versions:

4.22.2

mentioned in: Page Loading...

Assignee:: Unassigned

Reporter:: Security Metrics Bot

Votes:: 0 Vote for this issue

Watchers:: 9 Start watching this issue

Created:: 27/Jul/2022 1:53 AM

Updated:: 21/Feb/2023 3:41 PM

Resolved:: 03/Aug/2022 4:12 AM

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates