N/A

Affected versions of Atlassian Jira Server and Data Center allow authenticated remote attackers to enumerate the keys of private Jira projects via an Information Disclosure vulnerability in the /rest/api/latest/projectvalidate/key endpoint. The affected versions are before version 8.5.18, from version 8.6.0 before 8.13.10, and from version 8.14.0 before 8.18.2.

N/A

N/A

Atlassian Jira 安全漏洞

Atlassian Jira是澳大利亚Atlassian公司的一套缺陷跟踪管理系统。该系统主要用于对工作中各类问题、缺陷进行跟踪管理。 Atlassian Jira Server and Data Center 存在安全漏洞，该漏洞允许经过身份验证的远程攻击者通过"/rest/api/latest/projectvalidate/key"端点中的信息披露漏洞枚举私有Jira项目的密钥。以下产品及版本受到影响：Atlassian Jira Server 8.5.18, from version 8.6.0

N/A

N/A