CVE-2022-38367

MEDIUM

Netic User Export <2.0.6 - Info Disclosure

Title source: llm
STIX 2.1

Description

The Netic User Export add-on before 2.0.6 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all users from Jira by making an HTTP request to the affected endpoint.

References (2)

Core 2
Core References

Scores

CVSS v3 5.3
EPSS 0.0042
EPSS Percentile 34.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Details

CWE
CWE-862
Status published
Products (1)
netic/user_export_for_jira < 2.0.6
Published Sep 05, 2022
Tracked Since Feb 18, 2026