Description
secure/ConfigureReleaseNote.jspa in Atlassian JIRA 3.6.2-#156 allows remote attackers to obtain sensitive information via unspecified manipulations of the projectId parameter, which displays the installation path and other system information in an error message.
Remediation
References
Related Vulnerabilities
Jboss EAP CVE-2012-5626 Vulnerability (CVE-2012-5626)
WordPress Deserialization of Untrusted Data Vulnerability (CVE-2018-19296)
Oracle Database Server CVE-2019-2749 Vulnerability (CVE-2019-2749)
WordPress Plugin WP Publication Archive 'file' Parameter Directory Traversal (2.3)
Atlassian Confluence CVE-2023-22508 Vulnerability (CVE-2023-22508)