Community
Products
Jira
Questions
Sensitive data exposure via /secure/QueryComponent!Default.jspa endpoint - CVE-2020-14179

Sensitive data exposure via /secure/QueryComponent!Default.jspa endpoint - CVE-2020-14179

This is follow up of https://jira.atlassian.com/browse/JRASERVER-71536 which is not fixed properly

The work around provided for fixed versions isn't working. The issue still persists.

Currently following work around provided for non-fixed version and its working, Looking forward dark feature support instead of change urlrewrite.xml file.

1 answer

0 votes

Hm, check open Jira's right most of system still open

https://jira.ncsa.illinois.edu//secure/QueryComponent!Default.jspa

But I would say sensitive data I did not find, because the same info I can find in other vectors like google dorks and logs in different forums, code in github, bitbucket, gitee.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Forums

Product Q&A

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

Sensitive data exposure via /secure/QueryComponent!Default.jspa endpoint - CVE-2020-14179

1 answer

Suggest an answer

Was this helpful?

Thanks!

TAGS

Community showcase

Earn a Badge, Win a Prize 🎁

Atlassian Community Events

Forums

Have more fun with Kudos

Product Q&A

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

Sensitive data exposure via /secure/QueryComponent!Default.jspa endpoint - CVE-2020-14179

1 answer

Suggest an answer

Was this helpful?

Thanks!

TAGS

Community showcase

Earn a Badge, Win a Prize 🎁

Atlassian Community Events