Authorization issue in Private Checklists

XMLWordPrintable

    • Type: Public Security Vulnerability
    • Resolution: Fixed
    • Priority: Low
    • 11.16.1
    • Affects Version/s: 11.14.0, 11.14.1, 11.15.0, 11.15.1, 11.16.0
    • Component/s: None
    • Severity 3 - Minor
    • 5.3
    • Medium
    • External Report
    • Frank Lycops, NATO Cyber Security Centre
    • CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
    • Improper Authorization
    • Jira Align

      Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to modify the steps of another user's private checklist.

            Assignee:
            Unassigned
            Reporter:
            Sam Reid
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: