[JSDSERVER-6917] Information disclosure in API and Integrations - CVE-2020-14180 - Create and track feature requests for Atlassian products.

Type: Bug
Resolution: Fixed
Priority: Low
Fix Version/s: 4.12.0
Affects Version/s: 4.8.1
Component/s: API and Integrations
Labels:

Symptom Severity:
Severity 3 - Minor
Bug Fix Policy:
View Atlassian Server bug fix policy

Affected versions of Atlassian Jira Service Desk Server and Data Center allow remote attackers authenticated as a non-administrator user to view Project Request-Types and Descriptions, via an Information Disclosure vulnerability in the editform request-type-fields resource.

Affected versions:

version < 4.12.0

Fixed versions:

4.12.0

No work has yet been logged on this issue.

Assignee:: Unassigned

Reporter:: Security Metrics Bot

Affected customers:: 0 This affects my team

Watchers:: 2 Start watching this issue

Created:: 01/Jul/2020 6:16 PM

Updated:: 11/Jan/2022 3:33 PM

Resolved:: 26/Aug/2020 5:41 PM

Jira Service Management Data Center

Details

Description

Attachments

Forms

Activity

[JSDSERVER-6917] Information disclosure in API and Integrations - CVE-2020-14180

People

Dates

Backbone Issue Sync