Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8.0.0 before version 8.5.4, and 8.6.0 before version 8.6.1 allows remote malicious users to make comments on a ticket to which they do not have commenting permissions via a broken access control bug.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
atlassian jira |
||
atlassian jira data center |
||
atlassian jira data center 8.6.0 |
||
atlassian jira server |
||
atlassian jira server 8.6.0 |
||
atlassian jira software data center |