Description
secure/ConfigureReleaseNote.jspa in Atlassian JIRA 3.6.2-#156 allows remote attackers to obtain sensitive information via unspecified manipulations of the projectId parameter, which displays the installation path and other system information in an error message.
Remediation
References
Related Vulnerabilities
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-1864)
Oracle Application Server Other Vulnerability (CVE-2007-3863)
SharePoint Improper Input Validation Vulnerability (CVE-2019-1257)
WordPress Plugin Product Catalog 8 SQL Injection (1.2.0)
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Cross-Site Scripting (1.5.68)