Loading...

XML

Word

Printable

Type: Public Security Vulnerability
Resolution: Fixed
Priority: Low
Fix Version/s: 11.16.1
Affects Version/s: 11.14.0, 11.14.1, 11.15.0, 11.15.1, 11.16.0
Component/s: None
Labels:
- dont-import
- nato-pentest-2025

Symptom Severity:
Severity 3 - Minor
CVSS Score:
5.3
CVSS Severity:
Medium
Vulnerability Source:
External Report
Credit:
Frank Lycops, NATO Cyber Security Centre
CVSSv3 Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Vulnerability Classes:

Improper Authorization
Affected Product(s):

Jira Align

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to modify the steps of another user's private checklist.

is cloned from

JIRAALIGN-8643 Authorization issue in Portfolio Room

Published

was cloned as

JIRAALIGN-8645 Authorization issue in Audit Log

Published

Assignee:: Unassigned

Reporter:: Sam Reid

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2 days ago 8:51 AM

Updated:: 5 hours ago

Resolved:: 2 days ago 8:51 AM

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates