Refresh

This website github-wiki-see.page/m/carnal0wnage/J-PWN/wiki/Unauthenticated-Access-to-JIRA-Resolutions is currently offline. Cloudflare's Always Online™ shows a snapshot of this web page from the Internet Archive's Wayback Machine. To check for the live version, click Refresh.

Unauthenticated Access to JIRA Resolutions - carnal0wnage/J-PWN GitHub Wiki

Unauthenticated Access to JIRA Resolutions

Category: [Info Disclosure]

module name: check_unauthenticated_resolutions

url: /rest/api/2/resolution

[CG] Most sites will give you this data but I've yet to find anything interesting in any of these. YMMV

200 with content

INFO: Checking for Unauthenticated Access to JIRA Resolutions
[Testing URL]: https://JIRASERVER/jira/rest/api/2/resolution

+ Unauthenticated Access to JIRA Resolutions Detected
  URL: https://JIRASERVER/jira/rest/api/2/resolution

  Resolutions Details:
    - ID: 1
      Name: Fixed
      Description: A fix for this issue is checked into the tree and tested.
      API URL: https://JIRASERVER/jira/rest/api/2/resolution/1
    - ID: 2
      Name: Won't Fix
      Description: The problem described is an issue which will never be fixed.
      API URL: https://JIRASERVER/jira/rest/api/2/resolution/2
    - ID: 3
      Name: Duplicate
      Description: The problem is a duplicate of an existing issue.
      API URL: https://JIRASERVER/jira/rest/api/2/resolution/3
<SNIP>

401 Required

INFO: Checking for Unauthenticated Access to JIRA Resolutions
[Testing URL]: http://JIRASERVER/rest/api/2/resolution

- No unauthenticated access to JIRA resolutions detected on: http://JIRASERVER/rest/api/2/resolution
- HTTP Code: 401
⚠️ **GitHub.com Fallback** ⚠️