Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Affected versions of Atlassian Jira Server and Data Center allow a user who has had their Jira Service Management access revoked to export audit logs of another user's Jira Service Management project via a Broken Authentication vulnerability in the /plugins/servlet/audit/resource endpoint. The affected versions of Jira Server and Data Center are before version 8.19.1.
CVSS Information
N/A
Vulnerability Type
认证机制不恰当
Vulnerability Title
Atlassian Jira授权问题漏洞
Vulnerability Description
Atlassian Jira是澳大利亚Atlassian公司的一套缺陷跟踪管理系统。该系统主要用于对工作中各类问题、缺陷进行跟踪管理。 Atlassian Jira Server and Data Center 中存在授权问题漏洞,该漏洞源于产品的/plugins/servlet/audit/resource链接允许一个用户导出另一个用户的审计日志。以下产品及版本受到影响:Atlassian Jira Server and Data Center 8.19.1 之前版本。
CVSS Information
N/A
Vulnerability Type
N/A