CVE-2020-14165
CVE-2020-14165
The UniversalAvatarResource.getAvatars resource in Jira Server and Data Center before version 8.9.0 allows remote attackers to obtain information about custom project avatars names via an Improper authorization vulnerability.
Affected products
Atlassian · Jira Server and Data CenterWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →