Description
secure/ConfigureReleaseNote.jspa in Atlassian JIRA 3.6.2-#156 allows remote attackers to obtain sensitive information via unspecified manipulations of the projectId parameter, which displays the installation path and other system information in an error message.
Remediation
References
Related Vulnerabilities
MySQL Improper Input Validation Vulnerability (CVE-2017-3256)
WordPress Plugin WP-Download 'dl_id' Parameter SQL Injection (1.2)
qdPM Multiple Cross-site Scripting (XSS) Vulnerabilities (CVE-2015-3883)
Oracle Database Server CVE-2005-4884 Vulnerability (CVE-2005-4884)
OpenSSL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2022-2097)