Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view the metadata of boards they should not have access to via an Insecure Direct Object References (IDOR) vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.2.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://jira.atlassian.com/browse/JRASERVER-72002 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: atlassian
Published: 2021-02-01T23:40:12.974592Z
Updated: 2024-09-16T17:14:09.087Z
Reserved: 2021-01-27T00:00:00
Link: CVE-2020-36231
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-02-02T00:15:12.397
Modified: 2024-11-21T05:29:06.490
Link: CVE-2020-36231
Redhat
No data.