Description
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to continue to view cached content even after losing permissions, via a Broken Access Control vulnerability in the allowlist feature. The affected versions are before version 8.13.9, and from version 8.14.0 before 8.18.0.
Remediation
References
Related Vulnerabilities
WordPress Plugin RSS Includes Pages Unspecified Vulnerability (3.1)
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.21)
Plone CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-5508)
WordPress Plugin Download Monitor Unspecified Vulnerability (1.9.6)
WordPress Plugin WordPress Landing Pages Multiple Unspecified Vulnerabilities (1.7.8)