Atlassian

Jira Align

13 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2025-22169

  • EPSS 0.04%
  • Veröffentlicht 22.10.2025 16:30:04
  • Zuletzt bearbeitet 24.10.2025 14:24:57

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to subscribe to an item/object without having the e...

4.3

CVE-2025-22170

  • EPSS 0.04%
  • Veröffentlicht 22.10.2025 16:30:04
  • Zuletzt bearbeitet 24.10.2025 14:24:12

Jira Align is vulnerable to an authorization issue. A low-privilege user without sufficient privileges to perform an action could if they included a particular state-related parameter of a user with sufficient privileges to perform the action.

4.3

CVE-2025-22173

  • EPSS 0.04%
  • Veröffentlicht 22.10.2025 16:30:04
  • Zuletzt bearbeitet 24.10.2025 14:23:38

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to view certain sprint data without the required pe...

4.3

CVE-2025-22174

  • EPSS 0.04%
  • Veröffentlicht 22.10.2025 16:30:04
  • Zuletzt bearbeitet 24.10.2025 14:23:22

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to view portfolio rooms without the required permis...

4.3

CVE-2025-22178

  • EPSS 0.04%
  • Veröffentlicht 22.10.2025 16:30:04
  • Zuletzt bearbeitet 24.10.2025 14:20:29

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to view items on the "Why" page.

4.3

CVE-2025-22172

  • EPSS 0.04%
  • Veröffentlicht 22.10.2025 16:30:03
  • Zuletzt bearbeitet 24.10.2025 14:24:02

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to read external reports without the required permi...

4.3

CVE-2025-22176

  • EPSS 0.04%
  • Veröffentlicht 22.10.2025 16:30:02
  • Zuletzt bearbeitet 24.10.2025 14:20:53

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to view audit log items.

4.3

CVE-2025-22171

  • EPSS 0.04%
  • Veröffentlicht 22.10.2025 16:30:01
  • Zuletzt bearbeitet 24.10.2025 14:24:33

Jira Align is vulnerable to an authorization issue. A low-privilege user is able to alter the private checklists of other users.

4.3

CVE-2025-22168

  • EPSS 0.04%
  • Veröffentlicht 22.10.2025 16:30:00
  • Zuletzt bearbeitet 24.10.2025 15:15:38

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to read the steps of another user's private checkli...

5.4

CVE-2025-22175

  • EPSS 0.04%
  • Veröffentlicht 22.10.2025 16:30:00
  • Zuletzt bearbeitet 27.10.2025 16:15:38

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to modify the steps of another user's private check...