CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-21685
https://notcve.org/view.php?id=CVE-2024-21685
18 Jun 2024 — This High severity Information Disclosure vulnerability was introduced in versions 9.4.0, 9.12.0, and 9.15.0 of Jira Core Data Center. This Information Disclosure vulnerability, with a CVSS Score of 7.4, allows an unauthenticated attacker to view sensitive information via an Information Disclosure vulnerability which has high impact to confidentiality, no impact to integrity, no impact to availability, and requires user interaction. Atlassian recommends that Jira Core Data Center customers upgrade to latest... • https://confluence.atlassian.com/pages/viewpage.action?pageId=1409286211 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.5EPSS: 0%CPEs: 3EXPL: 0CVE-2015-8481
https://notcve.org/view.php?id=CVE-2015-8481
08 Jan 2016 — Atlassian JIRA Software 7.0.3, JIRA Core 7.0.3, and the bundled JIRA Service Desk 3.0.3 installer attaches the wrong image to e-mail notifications when a user views an issue with inline wiki markup referencing an image attachment, which might allow remote attackers to obtain sensitive information by updating a different issue that includes wiki markup for an external image reference. Atlassian JIRA Software 7.0.3, JIRA Core 7.0. 3 y el instalador de paquete JIRA Service Desk 3.0.3 anexa la imagen incorrecta... • http://www.securityfocus.com/bid/79381 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •