Several worklog rest resources in Jira before version 7.13.7, and from version 8.0.0 before version 8.3.2 allow remote malicious users to view worklog time information via a missing permissions check.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
atlassian jira server |