CVE-2021-41311
CVE-2021-41311 affects Atlassian Jira Server/Data Center prior to 8.19.1. A broken authentication flaw in the /plugins/servlet/project-config/PROJECT/roles endpoint allows an attacker with revoked admin access to modify project Users & Roles settings. Impact is unauthenticated? Not explicitly sta...