Medium severity5.3NVD Advisory· Published Apr 9, 2021· Updated Jun 17, 2026
CVE-2020-36287
CVE-2020-36287
Description
The dashboard gadgets preference resource of the Atlassian gadgets plugin used in Jira Server and Jira Data Center before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to obtain gadget related settings via a missing permissions check.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- Range: <8.13.5, 8.14.0 <8.15.1
<8.13.5, 8.14.0 <8.15.1+ 1 more
- (no CPE)range: <8.13.5, 8.14.0 <8.15.1
- (no CPE)range: unspecified
<8.13.5, 8.14.0 <8.15.1+ 1 more
- (no CPE)range: <8.13.5, 8.14.0 <8.15.1
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
1- jira.atlassian.com/browse/JRASERVER-72258nvdVendor Advisory
News mentions
0No linked articles in our index yet.