Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Atlassian Jira CVE-2020-14178 Vulnerability (CVE-2020-14178)

Description

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate project keys via an Information Disclosure vulnerability in the /browse.PROJECTKEY endpoint. The affected versions are before version 7.13.7, from version 8.0.0 before 8.5.8, and from version 8.6.0 before 8.12.0.

Remediation

References

Related Vulnerabilities

WordPress Plugin FD Feedburner Cross-Site Request Forgery (1.42)

WordPress Plugin AVH Extended Categories Widgets SQL Injection (4.0.0)

WordPress Plugin Permalink Manager Lite SQL Injection (2.2.12)

MySQL CVE-2024-21193 Vulnerability (CVE-2024-21193)

Apache HTTP Server Improper Input Validation Vulnerability (CVE-2017-15715)

Severity

High

Classification

CVE-2020-14178

Tags

Missing Update Known Vulnerabilities