Description
The /rest/project-templates/1.0/createshared resource in Atlassian Jira Server and Data Center before version 8.5.5, from 8.6.0 before 8.7.2, and from 8.8.0 before 8.8.1 allows remote attackers to enumerate project names via an improper authorization vulnerability.
Remediation
References
Related Vulnerabilities
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5106)
WordPress Plugin Post to CSV by BestWebSoft CSV Injection (1.4.0)
Oracle Database Server CVE-2008-2607 Vulnerability (CVE-2008-2607)
TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2022-23503)
WordPress Plugin Mailster-Email Newsletter for WordPress Cross-Site Scripting (2.4.5.1)