VYPR
Unrated severityNVD Advisory· Published Dec 17, 2019· Updated Sep 16, 2024

CVE-2019-15011

CVE-2019-15011

Description

The ListEntityLinksServlet resource in Application Links before version 5.0.12, from version 5.1.0 before version 5.2.11, from version 5.3.0 before version 5.3.7, from version 5.4.0 before 5.4.13, and from version 6.0.0 before 6.0.5 disclosed application link information to non-admin users via a missing permissions check.

Affected products

2
  • Atlassian/Application Linksllm-fuzzy2 versions
    < 5.0.12 || >= 5.1.0 < 5.2.11 || >= 5.3.0 < 5.3.7 || >= 5.4.0 < 5.4.13 || >= 6.0.0 < 6.0.5+ 1 more
    • (no CPE)range: < 5.0.12 || >= 5.1.0 < 5.2.11 || >= 5.3.0 < 5.3.7 || >= 5.4.0 < 5.4.13 || >= 6.0.0 < 6.0.5
    • (no CPE)range: unspecified

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.