Permission Check Vulnerability in Application Links by Atlassian
CVE-2019-15011
4.3MEDIUM
What is CVE-2019-15011?
The ListEntityLinksServlet in Atlassian's Application Links is prone to a vulnerability that allows non-admin users to access sensitive application link information due to a lack of proper permission checks in specific versions. This issue affects several versions before updates were released, posing risks of unauthorized information disclosure.
Affected Version(s)
Application Links < 5.0.12
Application Links 5.1.0
Application Links < 5.2.11