Description
Affected versions of Atlassian Jira Server and Data Center allow a remote attacker who has had their access revoked from Jira Service Management to enable and disable Issue Collectors on Jira Service Management projects via an Improper Authentication vulnerability in the /secure/ViewCollectors endpoint. The affected versions are before version 8.19.1.
Remediation
References
Related Vulnerabilities
WordPress 5.4.x PHP Object Injection (5.4 - 5.4.5)
Nginx Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-2263)
OpenSSL Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-4044)
WordPress Plugin WordPress for Google Maps-WP MAPS SQL Injection (4.1.3)
OpenSSL Resource Management Errors Vulnerability (CVE-2011-3210)