cve/CVE-2020-29453.md at 7482ec4521a75dd13882dc1283f17009c936e974

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 01:04:30 +00:00

marc 555e9c7de4 Update Sat May 25 21:48:12 CEST 2024

2024-05-25 21:48:12 +02:00

Description

The CachingResourceDownloadRewriteRule class in Jira Server and Jira Data Center before version 8.5.11, from 8.6.0 before 8.13.3, and from 8.14.0 before 8.15.0 allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access check.

POC

Reference

No PoCs from references.

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/ARPSyndicate/kenzer-templates
https://github.com/UGF0aWVudF9aZXJv/Atlassian-Jira-pentesting
https://github.com/pen4uin/awesome-vulnerability-research
https://github.com/pen4uin/vulnerability-research
https://github.com/pen4uin/vulnerability-research-list
https://github.com/sushantdhopat/JIRA_testing

1.2 KiB Raw Blame History

CVE-2020-29453

Description

POC

Reference

Github

1.2 KiB

Raw Blame History