Description
Versions before 8.9.1, Various resources in Jira responded with a 404 instead of redirecting unauthenticated users to the login page, in some situations this may have allowed unauthorised attackers to determine if certain resources exist or not through an Information Disclosure vulnerability.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Sentinel Multiple Vulnerabilities (1.0.0)
WordPress Plugin St-Daily-Tip Cross-Site Request Forgery (4.7)
MySQL CVE-2014-6500 Vulnerability (CVE-2014-6500)
WordPress Plugin WP Cost Estimation & Payment Forms Builder Multiple Vulnerabilities (9.642)
Oracle Application Server Other Vulnerability (CVE-2005-3451)