Description
Versions before 8.9.1, Various resources in Jira responded with a 404 instead of redirecting unauthenticated users to the login page, in some situations this may have allowed unauthorised attackers to determine if certain resources exist or not through an Information Disclosure vulnerability.
Remediation
References
Related Vulnerabilities
WordPress Plugin Acumbamail Information Disclosure (1.0.4)
WordPress Plugin WooCommerce Upload My File Cross-Site Request Forgery (0.3.9)
LimeSurvey Incorrect Default Permissions Vulnerability (CVE-2019-16186)
Oracle JRE CVE-2018-2799 Vulnerability (CVE-2018-2799)
CubeCart Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-38130)