Description
The Convert Sub-Task to Issue page in affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate the following information via an Improper Authentication vulnerability: Workflow names; Project Key, if it is part of the workflow name; Issue Keys; Issue Types; Status Types. The affected versions are before version 7.13.9, and from version 8.0.0 before 8.4.2.
Remediation
References
Related Vulnerabilities
WordPress Plugin Newsletter-Send awesome emails from WordPress Cross-Site Scripting (3.2.6)
WordPress Plugin Tera Charts Multiple Local File Inclusion Vulnerabilities (0.1)
WordPress Plugin WP Intercom-Slack for WordPress Information Disclosure (1.2.1)