漏洞描述
【漏洞对象】JIRA 【漏洞描述】JIRA是项目与事务跟踪工具,被广泛应用于缺陷跟踪、客户服务、需求收集、流程审批、任务跟踪、项目跟踪和敏捷管理等工作领域。由于配置不当,可导致非授权访问项目跟踪信息,可泄露使用者项目开发进度、修改、配置等敏感信息,可造成数据泄露并为黑客提供攻击信息。
JIRA-非授权访问
PoC代码
暂无相关漏洞推荐
- CVE-2019-8449: Jira Information Disclosure
- POC CVE-2007-0885: Jira Rainbow.Zen - Cross-Site Scripting
- POC CVE-2017-9506: Atlassian Jira IconURIServlet - Cross-Site Scripting/Server-Side Request Forgery
- POC CVE-2018-20824: Atlassian Jira WallboardServlet <7.13.1 - Cross-Site Scripting
- POC CVE-2018-5230: Atlassian Jira Confluence - Cross-Site Scripting
- POC CVE-2019-11581: Atlassian Jira Server-Side Template Injection
- POC CVE-2019-3401: Atlassian Jira <7.13.3/8.0.0-8.1.1 - Incorrect Authorization
- POC CVE-2019-3402: Jira < 8.1.1 - Cross-Site Scripting
- POC CVE-2019-3403: Jira - Incorrect Authorization
- POC CVE-2019-8442: Jira - Local File Inclusion
- POC CVE-2019-8446: Jira Improper Authorization
- POC CVE-2019-8449: Jira <8.4.0 - Information Disclosure
- POC CVE-2019-8451: Jira <8.4.0 - Server-Side Request Forgery