Description
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to the query component JQL endpoint via a Broken Access Control vulnerability (BAC) vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.1.
Remediation
References
Related Vulnerabilities
MySQL CVE-2018-2591 Vulnerability (CVE-2018-2591)
WordPress Plugin Fluid Responsive Slideshow Multiple Vulnerabilities (2.2.6)
WordPress Plugin Comments Like Dislike Security Bypass (1.1.3)
Drupal Core 5.x Multiple Vulnerabilities (5.0 - 5.21)
WordPress Plugin Beaver Builder-WordPress Page Builder Security Bypass (1.7)