Description
secure/ConfigureReleaseNote.jspa in Atlassian JIRA 3.6.2-#156 allows remote attackers to obtain sensitive information via unspecified manipulations of the projectId parameter, which displays the installation path and other system information in an error message.
References (5)
Core 5
Core References
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/2472
Third Party Advisory x_refsource_misc
http://pridels0.blogspot.com/2006/06/atlassian-jira-information-disclosure.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/27235
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/26745
Various Sources x_refsource_confirm
http://jira.atlassian.com/browse/JRA-10542
Scores
EPSS
0.0045
EPSS Percentile
64.0%
Details
Status
published
Products (1)
atlassian/jira
3.6.2_156
Published
Jul 03, 2006
Tracked Since
Feb 18, 2026