Improper authorization vulnerability in Atlassian Jira Server - CVE-2019-20404 (linux)ID: oval:org.secpod.oval:def:90956 | Date: (C)2023-07-14 (M)2023-07-14 |
Class: VULNERABILITY | Family: unix |
The host is installed with Atlassian Jira Server 8.2.4 before 8.5.11 and is prone to an improper authorization vulnerability. A flaw is present in the application which fails to properly handle issues in the API. Successful exploitation allows authenticated remote attackers to determine project titles they do not have access to.
Product: |
Atlassian Jira Server |