Atlassian Jira Align
Moderate fix1 remedy
cpe:2.3:a:atlassian:jira_align:*:*:*:*:*:*:*
Moderate fix1 remedy
- 11.14.0
- 11.14.1
- 11.15.0
- 11.15.1
- 11.16.0
Atlassian Jira Align Improper Authorization Vulnerability Allowing Unauthorized Access to Sensitive Information
Vulnerability
Patched
A vulnerability in Jira Align related to improper authorization has been identified. This issue allows low-privilege users to access certain endpoints that reveal a limited amount of sensitive information. For instance, a user with minimal permissions was able to subscribe to an item or object without the necessary authorization level. The vulnerability affects Jira Align versions 11.14.0, 11.14.1, 11.15.0, 11.15.1, and 11.16.0.
Impact
Exploitation of this vulnerability could lead to unauthorized access to sensitive information and allow low-privilege users to perform actions reserved for higher-privilege users, such as subscribing to certain items or objects.
Remediation
Users can upgrade to Jira Align version 11.16.1 to address this vulnerability.
Added: Oct 22, 2025, 6:29 PM
Updated: Oct 22, 2025, 9:27 PM
Vulnerability Rating
Custom Algorithm
spread
1.0impact
1.3exploitability
5.4remediation
7.7relevance
0.7threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.