Information Disclosure Vulnerability in Atlassian Jira Tempo Plugin (Version 4.10.0) Allows Unauthorized Access to Issue Summaries

Information Disclosure Vulnerability in Atlassian Jira Tempo Plugin (Version 4.10.0) Allows Unauthorized Access to Issue Summaries

CVE-2019-5095 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

An issue summary information disclosure vulnerability exists in Atlassian Jira Tempo plugin, version 4.10.0. Authenticated users can obtain the summary for issues they do not have permission to view via the Tempo plugin.

Learn more about our User Device Pen Test.