CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-39960

The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexport_download=true request to a plugins/servlet/groupexportforjira/admin/ URI.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.736

EPSS Ranking 98.7%

CVSS Severity

CVSS v3 Score 5.3

References

https://gist.github.com/CveCt0r/ca8c6e46f536e9ae69fc6061f132463e
https://marketplace.atlassian.com/apps/1222388/group-export-for-jira/version-history
https://gist.github.com/CveCt0r/ca8c6e46f536e9ae69fc6061f132463e
https://marketplace.atlassian.com/apps/1222388/group-export-for-jira/version-history

Products affected by CVE-2022-39960

Netic » Group Export » Version: N/A

cpe:2.3:a:netic:group_export:-
Netic » Group Export » Version: 1.0.1

cpe:2.3:a:netic:group_export:1.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-39960

Products

Pricing

Contact Us