Description

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to access sensitive information without being authenticated in the Global permissions screen. The affected versions are before version 8.8.0.

Remediation

References

CVE-2019-20898

Related Vulnerabilities

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6100)

IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1394)

Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-27903)

TYPO3 Improper Input Validation Vulnerability (CVE-2013-4250)

MySQL CVE-2013-3783 Vulnerability (CVE-2013-3783)

Severity

High

Classification

CVE-2019-20898

Tags

Missing Update Known Vulnerabilities