CVEs-PoC/2019/CVE-2019-14995.md at main

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-02-12 22:53:11 +00:00

Files

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

955 B

Raw Permalink Blame History

CVE-2019-14995

Description

The /rest/api/1.0/render resource in Jira before version 8.4.0 allows remote anonymous attackers to determine if an attachment with a specific name exists and if an issue key is valid via a missing permissions check.

POC

Reference

https://jira.atlassian.com/browse/JRASERVER-69792
https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0836
https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0837

Github

https://github.com/20142995/nuclei-templates
https://github.com/cyb3r-w0lf/nuclei-template-collection

955 B Raw Permalink Blame History

CVE-2019-14995

Description

POC

Reference

Github

955 B

Raw Permalink Blame History