Description
The membersOf JQL search function in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to determine if a group exists & members of groups if they are assigned to publicly visible issue field.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2009-1996 Vulnerability (CVE-2009-1996)
WordPress Plugin BuddyPress Arbitrary File Deletion (2.7.3)
WordPress Plugin YITH WooCommerce Zoom Magnifier Cross-Site Scripting (1.2.6)
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-2064)