Description
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to read particular files via a path traversal vulnerability in the /WEB-INF/web.xml endpoint. The affected versions are before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.16.1.
Remediation
References
Related Vulnerabilities
WordPress Plugin Social Share Buttons-Social Pug Multiple Unspecified Vulnerabilities (1.3.1)
WordPress Plugin WP Mega Menu Security Bypass (1.4.0)
Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.5)
Apache Tomcat Incorrect Authorization Vulnerability (CVE-2016-6797)
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2017-3169)