• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-862

CVE-2019-16906

February 26, 2023 by

An issue was discovered in the Infosysta “In-App & Desktop Notifications” app 1.6.13_J8 for Jira. By using plugins/servlet/nfj/PushNotification?username= with a modified username, a different user’s notifications can be read without authentication/authorization. These notifications are then no longer displayed to the normal user.

CVE-2019-16907

February 26, 2023 by

An issue was discovered in the Infosysta “In-App & Desktop Notifications” app 1.6.13_J8 for Jira. It is possible to obtain a list of all valid Jira usernames without authentication/authorization via the plugins/servlet/nfj/UserFilter?searchQuery=@ URI.

CVE-2019-16909

February 26, 2023 by

An issue was discovered in the Infosysta “In-App & Desktop Notifications” app before 1.6.14_J8 for Jira. It is possible to obtain a list of all Jira projects (with authentication as a Jira user, but without authorization for specific projects) via the plugins/servlet/nfj/NotificationSettings URI.

CVE-2019-16738

February 26, 2023 by

In MediaWiki through 1.33.0, Special:Redirect allows information disclosure of suppressed usernames via a User ID Lookup.

CVE-2019-16698

February 26, 2023 by

The direct_mail (aka Direct Mail) extension through 5.2.2 for TYPO3 has a missing access check in the backend module, allowing a user (with restricted permissions to the fe_users table) to view and export data of frontend users who are subscribed to a newsletter.

CVE-2019-16547

February 26, 2023 by

Missing permission checks in various API endpoints in Jenkins Google Compute Engine Plugin 4.1.1 and earlier allow attackers with Overall/Read permission to obtain limited information about the plugin configuration and environment.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 69
  • Go to page 70
  • Go to page 71
  • Go to page 72
  • Go to page 73
  • Interim pages omitted …
  • Go to page 211
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE