This page relates to an older version 1.23 of Rich Filters for Jira Dashboards for Server & Data Center. See the documentation index for other versions, or for the Cloud version of Rich Filters.

2022-02-04 Low Severity Vulnerability

SummaryLow Severity Vulnerability
Advisory DateFeb 04, 2022
ProductRich Filters for Jira Dashboards
Affected versionsRich Filters Server and Data Center versions up to 1.20.0 included
Not ImpactedRich Filters Cloud is not affected
Updated versionsRich Filters for Jira Dashboards for Server / Data Center version 1.21.0 and above
CVSS Base Score3.7

Summary of vulnerability

This advisory discloses a low severity security vulnerability affecting our Rich Filters for Jira Dashboards app for Server and Data Center only. The Cloud version of the app is not and has never been affected in any way.

This vulnerability has been discovered through our security audits and we're not aware of this vulnerability being known and exploited before the date of this advisory. 

Description

It is possible for attackers who have login rights together with some other specific permissions to gain access that is restricted to other users on the same instance. This can lead to information disclosure. 

What you need to do

Upgrade your Rich Filters for Jira Dashboards app for Server/Data Center to version to 1.21.0 or above. 

Support

If you have questions or concerns regarding this advisory, please raise a support request via our Product Support Portal