Security Advisory

CVE-2021-41311

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-12-08 03:35:11

Last updated 2024-10-10 14:00:43

Assigner atlassian

State PUBLISHED

Description

Affected versions of Atlassian Jira Server and Data Center allow attackers with access to an administrator account that has had its access revoked to modify projects Users & Roles settings, via a Broken Authentication vulnerability in the /plugins/servlet/project-config/PROJECT/roles endpoint. The affected versions are before version 8.19.1.

← Browse all CVEs View on cve.org ↗