Atlassian Jira Manage Filters information disclosure

Description
  • Jira is a proprietary issue tracking product, developed by Atlassian. It provides bug tracking, issue tracking, and project management functions.

    The Manage Filters page (that is accessible at the endpoint /secure/ManageFilters.jspa) usually leaks potentially sensitive information such as employee names and email addresses and internal product names.

    It's recommended to restrict access to this page if the information returned here contains sensitive information.
Remediation
  • Restrict access to the /secure/ManageFilters.jspa endpoint if the data returned on this page contains sensitive information. Consult Web References section for more information.
References