FortiClient VulnerabilityAtlassian Jira Software Server CVE-2020-36289 Authorization Bypass Vulnerability
Description
Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the QueryComponentRendererValue!Default.jspa endpoint. The affected versions are before version 8.5.13, from version 8.6.0 before 8.13.5, and from version 8.14.0 before 8.15.1.
Affected Applications
Jira Software Server
CVE References
CVE-2020-36289Other References
https://jira.atlassian.com/projects/JRASERVER/issues/| ID | 74280 |
| Created | Dec 20, 2022 |
| Description Updated |
Dec 14, 2023 |
| Risk |
|
| Coverage | FortiClient |
| OS | Windows |
| Vendor | Atlassian |
| Patch | manual |
| Application | Jira Software Server |