Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
REST API in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.16.1 allows remote attackers to enumerate usernames via a Sensitive Data Exposure vulnerability in the `/rest/api/latest/user/avatar/temporary` endpoint.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Atlassian JIRA Server 安全漏洞
Vulnerability Description
Atlassian JIRA Server是澳大利亚Atlassian公司的一套缺陷跟踪管理系统的服务器版本。该系统主要用于对工作中各类问题、缺陷进行跟踪管理。 Atlassian Jira Server和Jira Data Center的REST API存在安全漏洞,该漏洞允许远程攻击者可利用该漏洞通过“REST API最新用户化身临时”端点的敏感数据暴露漏洞枚举用户名。以下产品和版本受到影响:Atlassian Jira Server和Jira Data Center的REST API在8.5.14版
CVSS Information
N/A
Vulnerability Type
N/A