Description
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view custom field options via an Information Disclosure vulnerability in the /rest/api/2/customFieldOption/ endpoint. The affected versions are before version 8.15.0.
Remediation
References
Related Vulnerabilities
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.5)
TYPO3 Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-11063)
WordPress Uncontrolled Resource Consumption Vulnerability (CVE-2018-6389)
OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2178)