漏洞描述
该漏洞源于Jira Server and DataCenter允许远程、未经身份验证的攻击者通过/secure/QueryComponent!Default中的一个信息泄露漏洞查看定制字段名和定制SLA名。
Atlassian Jira未授权访问 (CVE-2020-14179)
PoC代码
暂无相关漏洞推荐
-
CVE-2019-11581: Atlassian Jira未授权服务端模板注入漏洞 POC
2025-09-01 | Atlassian JiraJira Server and Data Center is susceptible to a server-side template injection vulnerability via the... -
CVE-2019-8442: Atlassian Jira webroot leak POC
2025-09-01 | Atlassian JiraAtlassian Jira是澳大利亚Atlassian公司的一套缺陷跟踪管理系统。该系统主要用于对工作中各类问题、缺陷进行跟踪管理。 Atlassian Jira 7.13.4之前版本、8.0.4之... -
CVE-2022-0540: Atlassian Jira - Authentication bypass in Seraph POC
2025-09-01 | Atlassian JiraA vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication b... -
CVE-2020-10199: Nexus Repository before 3.21.2 allows JavaEL Injection POC
2025-09-01 | Nexus Repository漏洞触发需要任意账户权限 body="Nexus Repository Manager" app="Nexus-Repository-Manager" -
CVE-2020-11455: LimeSurvey 4.1.11 - Path Traversal POC
2025-09-01 | LimeSurveyLimeSurvey before 4.1.12+200324 contains a path traversal vulnerability in application/controllers/a...