Description

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view the names of private projects and filters via an Insecure Direct Object References (IDOR) vulnerability in the Average Number of Times in Status Gadget. The affected versions are before version 8.13.12..

Remediation

References

CVE-2021-41305

Related Vulnerabilities

IBM RTC Improper Privilege Management Vulnerability (CVE-2021-29774)

WordPress Plugin All-in-One WP Migration Arbitrary File Deletion (7.58)

WordPress Plugin YITH WooCommerce Authorize.net Payment Gateway Security Bypass (1.1.12)

MySQL CVE-2024-21137 Vulnerability (CVE-2024-21137)

Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51484)

Severity

High

Classification

CVE-2021-41305 CWE-639

Tags

Missing Update Known Vulnerabilities