Description
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view custom field options via an Information Disclosure vulnerability in the /rest/api/2/customFieldOption/ endpoint. The affected versions are before version 8.15.0.
Remediation
References
Related Vulnerabilities
Python Integer Overflow or Wraparound Vulnerability (CVE-2016-5636)
WordPress Plugin Portfolio Gallery-Photo Gallery Unspecified Vulnerability (2.3.0)
Apache Tomcat Other Vulnerability (CVE-2008-0002)
Drupal Improper Input Validation Vulnerability (CVE-2016-9452)
WordPress Plugin LearnPress-WordPress LMS Security Bypass (3.2.6.6)