This page relates to an older version 1.24 of Rich Filters for Jira Dashboards for Server & Data Center. See the documentation index for other versions, or for the Cloud version of Rich Filters.
2022-02-04 Low Severity Vulnerability
| Summary | Low Severity Vulnerability |
|---|---|
| Advisory Date | Feb 04, 2022 |
| Product | Rich Filters for Jira Dashboards |
| Affected versions | Rich Filters Server and Data Center versions up to 1.20.0 included |
| Not Impacted | Rich Filters Cloud is not affected |
| Updated versions | Rich Filters for Jira Dashboards for Server / Data Center version 1.21.0 and above |
| CVSS Base Score | 3.7 |
Summary of vulnerability
This advisory discloses a low severity security vulnerability affecting our Rich Filters for Jira Dashboards app for Server and Data Center only. The Cloud version of the app is not and has never been affected in any way.
This vulnerability has been discovered through our security audits and we're not aware of this vulnerability being known and exploited before the date of this advisory.
Description
It is possible for attackers who have login rights together with some other specific permissions to gain access that is restricted to other users on the same instance. This can lead to information disclosure.
What you need to do
Upgrade your Rich Filters for Jira Dashboards app for Server/Data Center to version to 1.21.0 or above.
Support
If you have questions or concerns regarding this advisory, please raise a support request via our Product Support Portal.