Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view private objects via a Broken Access Control vulnerability in the Custom Fields feature. The affected versions are before version 4.21.0.
CPE | Name | Operator | Version |
---|---|---|---|
jira_service_management | lt | 4.21.0 | |
jira_service_management | lt | 4.21.0 |