Security Advisories
Security advisories are critical notifications about vulnerabilities that could potentially impact the security of our products. These advisories include detailed information about the nature of the vulnerability, the affected products and versions, and the steps required to mitigate the risk.
Â
2024-09 - P1 - Cloud - Unauthorized Data Leakage in Jira Service Desk via Microsoft To-Do Integration
Summary
In theory, any authorized Jira Service Management customer user would’ve had the ability to create a To-Do sync that creates a new Task for all service requests in their own To-Do list by crafting multiple request against our internal API. This synchronization includes the most essential field details: title, summary and due date of the service request. The issue has been resolved. No action is required from our customers. We haven’t identified any attempt to exploit this issue.