The /rest/project-templates/1.0/createshared resource in Atlassian Jira Server and Data Center before version 8.5.5, from 8.6.0 prior to 8.7.2, and from 8.8.0 prior to 8.8.1 allows remote malicious users to enumerate project names via an improper authorization vulnerability.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
atlassian jira |
||
atlassian jira server |
||
atlassian jira software data center |
||
atlassian jira data center |
Vulmon