Vulnerabilities > CVE-2022-39960 - Missing Authorization vulnerability in Netic Group Export 1.0.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexport_download=true request to a plugins/servlet/groupexportforjira/admin/ URI.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |