Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to read external reports without the required permission.
Metrics
Affected Vendors & Products
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
Link | Providers |
---|---|
https://jira.atlassian.com/browse/JIRAALIGN-8641 |
![]() ![]() |
History
Wed, 22 Oct 2025 16:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to read external reports without the required permission. | |
References |
| |
Metrics |
cvssV4_0
|

Status: PUBLISHED
Assigner: atlassian
Published:
Updated: 2025-10-22T16:30:03.984Z
Reserved: 2025-01-01T00:01:27.177Z
Link: CVE-2025-22172

No data.

Status : Awaiting Analysis
Published: 2025-10-22T17:15:57.613
Modified: 2025-10-22T21:12:32.330
Link: CVE-2025-22172

No data.

No data.