Main Vulnerability Database Exploits ID:6985 - Exploit for Information disclosure in Jira Software - CVE-2020-14181

ID:6985 - Exploit for Information disclosure in Jira Software - CVE-2020-14181

Published: November 3, 2021

Vulnerability identifier: #VU46867

Vulnerability risk: Low

CVE-ID: CVE-2020-14181

CWE-ID: CWE-200

Exploitation vector: Remote access

Vulnerable software:
Jira Software

Link to public exploit:

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to excessive data output in the /ViewUserHover.jspa endpoint. A remote attacker an enumerate application users.

Install update from vendor's website.