Description
The BrowseProjects.jspa resource in Jira before version 7.13.2, and from version 8.0.0 before version 8.0.2 allows remote attackers to see information for archived projects through a missing authorisation check.
Remediation
References
Related Vulnerabilities
WebLogic Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2022-23437)
WordPress Plugin Bootstrap Shortcodes Cross-Site Scripting (3.4.0)
WordPress Plugin Woo Custom Checkout Field Multiple Vulnerabilities (1.3.2)
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.14)
Plone CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-4042)