CVE-2021-41313

EPSS 0.8%CWE-285

Affected versions of Atlassian Jira Server and Data Center allow authenticated but non-admin remote attackers to edit email batch configurations via an Improper Authorization vulnerability in the /secure/admin/ConfigureBatching!default.jspa endpoint. The affected versions are before version 8.20.7.

Productos afectados

Atlassian · Jira Data Center Atlassian · Jira Server

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://jira.atlassian.com/browse/JRASERVER-72898