Loading...

XML

Word

Printable

Type: Public Security Vulnerability
Resolution: Fixed
Priority: Low
Fix Version/s: 11.16.1
Affects Version/s: 11.14.0, 11.14.1, 11.15.0, 11.15.1, 11.16.0
Component/s: None
Labels:
- dont-import
- nato-pentest-2025

Symptom Severity:
Severity 3 - Minor
CVSS Score:
5.3
CVSS Severity:
Medium
Vulnerability Source:
External Report
Credit:
Frank Lycops, NATO Cyber Security Centre
CVSSv3 Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Vulnerability Classes:

Improper Authorization
Affected Product(s):

Jira Align

Jira Align is vulnerable to an authorization issue. A low-privilege user without sufficient privileges to perform an action could if they included a particular state-related parameter of a user with sufficient privileges to perform the action.

is cloned from

JIRAALIGN-8638 Authorization issue in Subscription Functionality

Published

was cloned as

JIRAALIGN-8640 Authorization issue in Add Checklists

Published

Assignee:: Unassigned

Reporter:: Sam Reid

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 3 days ago 8:25 AM

Updated:: Yesterday 4:30 PM

Resolved:: 3 days ago 8:27 AM

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates