-
Public Security Vulnerability
-
Resolution: Fixed
-
Low (View bug fix roadmap)
-
8.21.0
-
None
-
3
-
Low
Affected versions of Atlassian Jira Server and Data Centre allow remote attackers to modify the hierarchy structure of the Portfolio Plugin via a Broken Access Control vulnerability in the hierarchy configuration component.
The affected versions are before version 8.20.4, and from version 8.21.0 before 8.22.0.
Affected versions:
- version < 8.20.4
- 8.21.0 ≤ version < 8.22.0
Fixed versions:
- 8.20.4
- 8.22.0
Admin user can change Portfolio Plugin hierarchy without WebSudo validation
-
-
Resolution: Fixed
-
Low
-
8.21.0
-
None
-
3
-
Low
Affected versions of Atlassian Jira Server and Data Centre allow remote attackers to modify the hierarchy structure of the Portfolio Plugin via a Broken Access Control vulnerability in the hierarchy configuration component.
The affected versions are before version 8.20.4, and from version 8.21.0 before 8.22.0.
Affected versions:
- version < 8.20.4
- 8.21.0 ≤ version < 8.22.0
Fixed versions:
- 8.20.4
- 8.22.0
-
Unassigned
-
Security Metrics Bot
- Votes:
-
0 Vote for this issue
- Watchers:
-
0 Start watching this issue
- Created:
- Updated:
- Resolved: