CVE: CVE-2019-15011

Descrizione: The ListEntityLinksServlet resource in Application Links before version 5.0.12, from version 5.1.0 before version 5.2.11, from version 5.3.0 before version 5.3.7, from version 5.4.0 before 5.4.13, and from version 6.0.0 before 6.0.5 disclosed application link information to non-admin users via a missing permissions check.

Vettore di attacco

Riferimenti esterni

• https://ecosystem.atlassian.net/browse/APL-1386

Prodotti interessati

• Atlassian – Application Links

Relazioni con altri prodotti

Produttore:Atlassian
Prodotto: Application Links
Anno: 2019
CWE:
CVSS: 0.0