Description
Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view the names of private objects via an Improper Authorization vulnerability in the "Move objects" feature. The affected versions are before version 4.21.0.
Remediation
References
Related Vulnerabilities
WordPress Plugin Zoho CRM Lead Magnet Unspecified Vulnerability (1.7.2.9)
WordPress Plugin Check & Log Email Cross-Site Scripting (0.3)
WordPress Plugin Evarisk 'uploadPhotoApres.php' Arbitrary File Upload (5.1.5.4)
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10384)
Oracle Application Server CVE-2009-0989 Vulnerability (CVE-2009-0989)