Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in the Gantt-Chart module before 5.5.4 for Jira. Due to a missing privilege check, it is possible to read and write to the module configuration of other users. This can also be used to deliver an XSS payload to other users' dashboards. To exploit this vulnerability, an attacker has to be authenticated.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Atlassian Jira Gantt-Chart 安全漏洞
Vulnerability Description
Atlassian Jira是澳大利亚Atlassian公司的一套缺陷跟踪管理系统。该系统主要用于对工作中各类问题、缺陷进行跟踪管理。Gantt-Chart是其中的一个项目管理模块。 Atlassian Jira Gantt-Chart 5.5.4之前版本中存在安全漏洞,该漏洞源于程序缺少权限检查。攻击者可利用该漏洞对其他用户的模块配置进行读写操作。
CVSS Information
N/A
Vulnerability Type
N/A