VYPR
Vendor

Infosysta

Products
1
CVEs
4
Across products
4
Status
Private

Products

1

Recent CVEs

4
  • CVE-2019-16906HigOct 31, 2019
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in the Infosysta "In-App & Desktop Notifications" app 1.6.13_J8 for Jira. By using plugins/servlet/nfj/PushNotification?username= with a modified username, a different user's notifications can be read without authentication/authorization. These…

  • CVE-2019-16908MedNov 1, 2019
    risk 0.35cvss 5.3epss 0.02

    An issue was discovered in the Infosysta "In-App & Desktop Notifications" app before 1.6.14_J8 for Jira. It is possible to obtain a list of all Jira projects without authentication/authorization via the plugins/servlet/nfj/ProjectFilter?searchQuery= URI.

  • CVE-2019-16907MedOct 31, 2019
    risk 0.35cvss 5.3epss 0.02

    An issue was discovered in the Infosysta "In-App & Desktop Notifications" app 1.6.13_J8 for Jira. It is possible to obtain a list of all valid Jira usernames without authentication/authorization via the plugins/servlet/nfj/UserFilter?searchQuery=@ URI.

  • CVE-2019-16909MedNov 1, 2019
    risk 0.28cvss 4.3epss 0.01

    An issue was discovered in the Infosysta "In-App & Desktop Notifications" app before 1.6.14_J8 for Jira. It is possible to obtain a list of all Jira projects (with authentication as a Jira user, but without authorization for specific projects) via the…