The Webhooks component of Atlassian Jira before version 7.6.7 and from version 7.7.0 before version 7.11.0 allows remote attackers who are able to observe or otherwise intercept webhook events to learn information about changes in issues that should not be sent because they are not contained within the results of a specified JQL query.
References
Link | Resource |
---|---|
https://jira.atlassian.com/browse/JRASERVER-59980 | Exploit Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: atlassian
Published: 2018-07-24T00:00:00
Updated: 2018-07-24T12:57:01
Reserved: 2018-02-01T00:00:00
Link: CVE-2017-18104
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-07-24T13:29:00.230
Modified: 2022-03-25T17:22:36.663
Link: CVE-2017-18104
JSON object: View
Redhat Information
No data.
CWE