CVE-2025-22168

Medium CVSS: 5.3

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to read the steps of another user's private checklist.

Vendor

Atlassian

Product

Jira Align

CWE

NVD-CWE-noinfo

Yayın Tarihi

2025-10-22 17:15:57

Güncelleme

2025-10-24 15:15:38

Source Identifier

security@atlassian.com

KEV Date Added

Kategoriler

NVD-CWE-noinfo Jira Align MEDIUM Atlassian 2025

Referanslar

https://jira.atlassian.com/browse/JIRAALIGN-8637

Benzer Kayıtlar

High

CVE-2026-21569

This High severity XXE (XML External Entity Injection) vulnerability was introduced in version 7.1.0 of Crowd Data Cente…

Medium

CVE-2025-22176

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a…

Medium

CVE-2025-22177

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a…

Medium

CVE-2025-22178

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a…

Medium

CVE-2025-22169

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a…

Medium

CVE-2025-22170

Jira Align is vulnerable to an authorization issue. A low-privilege user without sufficient privileges to perform an act…