VYPR

STAGIL Navigation for Jira - Menu & Themes

by Atlassian

CVEs (2)

  • CVE-2023-26255Feb 28, 2023
    risk 0.07cvss epss 0.48

    An unauthenticated path traversal vulnerability affects the "STAGIL Navigation for Jira - Menu & Themes" plugin before 2.0.52 for Jira. By modifying the fileName parameter to the snjCustomDesignConfig endpoint, it is possible to traverse and read the file system.

  • CVE-2023-26256Feb 28, 2023
    risk 0.07cvss epss 0.12

    An unauthenticated path traversal vulnerability affects the "STAGIL Navigation for Jira - Menu & Themes" plugin before 2.0.52 for Jira. By modifying the fileName parameter to the snjFooterNavigationConfig endpoint, it is possible to traverse and read the file system.