CVE-2020-14180

Summary

Affected versions of Atlassian Jira Service Desk Server and Data Center allow remote attackers authenticated as a non-administrator user to view Project Request-Types and Descriptions, via an Information Disclosure vulnerability in the editform request-type-fields resource. The affected versions are before version 4.12.0.

Affected Software

VendorProductVersion RangeStatus
AtlassianJira Service Desk Serverunspecified < 4.12.0affected

Weaknesses

  • Broken Access Control

ADP Enrichment

CVE Program Container

Additional References

References