The Convert Sub-Task to Issue page in affected versions of Atlassian Jira Server and Data Center allow remote malicious users to enumerate the following information via an Improper Authentication vulnerability: Workflow names; Project Key, if it is part of the workflow name; Issue Keys; Issue Types; Status Types. The affected versions are before version 7.13.9, and from version 8.0.0 prior to 8.4.2.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
atlassian jira |
||
atlassian jira server |
||
atlassian jira software data center |
||
atlassian jira data center |