Unauthenticated Path Traversal Vulnerability in STAGIL Navigation for Jira - Menu & Themes Plugin
CVE-2023-26256 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
An unauthenticated path traversal vulnerability affects the "STAGIL Navigation for Jira - Menu & Themes" plugin before 2.0.52 for Jira. By modifying the fileName parameter to the snjFooterNavigationConfig endpoint, it is possible to traverse and read the file system.
Learn more about our Web Application Penetration Testing UK.