Details
-
Public Security Vulnerability
-
Status: Published (View Workflow)
-
Low
-
Resolution: Fixed
-
8.19.0, 8.20.0
-
None
-
5
-
Medium
-
CVE-2021-43946
Description
Affected versions of Atlassian Jira Server and Data Center allow authenticated remote attackers to add administrator groups to filter subscriptions via a Broken Access Control vulnerability in the /secure/EditSubscription.jspa endpoint.
The affected versions are before version 8.21.0.
Affected versions:
- version < 8.21.0
Fixed versions:
- 8.21.0