User Login Credential Disclosure in Deviniti Issue Sync Synchronization v3.5.2 for Jira
CVE-2023-30285 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
An issue in Deviniti Issue Sync Synchronization v3.5.2 for Jira allows attackers to obtain the login credentials of a user via a crafted request sent to /rest/synchronizer/1.0/technicalUser.
Learn more about our User Device Pen Test.