CVE-2025-22169

Medium CVSS: 5.3

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to subscribe to an item/object without having the expected permission level.

Vendor

Atlassian

Product

Jira Align

CWE

CWE-285

Yayın Tarihi

2025-10-22 17:15:57

Güncelleme

2025-10-24 14:24:57

Source Identifier

security@atlassian.com

KEV Date Added

Kategoriler

CWE-285 Jira Align MEDIUM Atlassian 2025

Referanslar

https://jira.atlassian.com/browse/JIRAALIGN-8638

Benzer Kayıtlar

High

CVE-2026-21569

This High severity XXE (XML External Entity Injection) vulnerability was introduced in version 7.1.0 of Crowd Data Cente…

Medium

CVE-2025-22176

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a…

Medium

CVE-2025-22177

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a…

Medium

CVE-2025-22178

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a…

Medium

CVE-2025-22168

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a…

Medium

CVE-2025-22170

Jira Align is vulnerable to an authorization issue. A low-privilege user without sufficient privileges to perform an act…