CVE-2020-14180
published 2020-09-21CVE-2020-14180: Affected versions of Atlassian Jira Service Desk Server and Data Center allow remote attackers authenticated as a non-administrator user to view Project…
medium4.3CVSS 3.1
AVNACLPRLUINSUCLINAN
Affected versions of Atlassian Jira Service Desk Server and Data Center allow remote attackers authenticated as a non-administrator user to view Project Request-Types and Descriptions, via an Information Disclosure vulnerability in the editform request-type-fields resource. The affected versions are before version 4.12.0.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| atlassian | jira_service_desk | < 4.12.0 | 4.12.0 |
| atlassian | jira_service_desk_server | >= unspecified < 4.12.0 | 4.12.0 |