Infosysta

In-app & Desktop Notifications

4 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2019-16908

Exploit
  • EPSS 0.38%
  • Veröffentlicht 01.11.2019 12:15:10
  • Zuletzt bearbeitet 21.11.2024 04:31:19

An issue was discovered in the Infosysta "In-App & Desktop Notifications" app before 1.6.14_J8 for Jira. It is possible to obtain a list of all Jira projects without authentication/authorization via the plugins/servlet/nfj/ProjectFilter?searchQuery= ...

4.3

CVE-2019-16909

Exploit
  • EPSS 0.28%
  • Veröffentlicht 01.11.2019 12:15:10
  • Zuletzt bearbeitet 21.11.2024 04:31:19

An issue was discovered in the Infosysta "In-App & Desktop Notifications" app before 1.6.14_J8 for Jira. It is possible to obtain a list of all Jira projects (with authentication as a Jira user, but without authorization for specific projects) via th...

7.5

CVE-2019-16906

  • EPSS 0.37%
  • Veröffentlicht 31.10.2019 22:15:10
  • Zuletzt bearbeitet 21.11.2024 04:31:19

An issue was discovered in the Infosysta "In-App & Desktop Notifications" app 1.6.13_J8 for Jira. By using plugins/servlet/nfj/PushNotification?username= with a modified username, a different user's notifications can be read without authentication/au...

5.3

CVE-2019-16907

Exploit
  • EPSS 0.34%
  • Veröffentlicht 31.10.2019 22:15:10
  • Zuletzt bearbeitet 21.11.2024 04:31:19

An issue was discovered in the Infosysta "In-App & Desktop Notifications" app 1.6.13_J8 for Jira. It is possible to obtain a list of all valid Jira usernames without authentication/authorization via the plugins/servlet/nfj/UserFilter?searchQuery=@ UR...