Security Advisories

Owned by Andreas Schmidt
Last updated: Aug 28, 2024
1 min read

Security advisories are critical notifications about vulnerabilities that could potentially impact the security of our products. These advisories include detailed information about the nature of the vulnerability, the affected products and versions, and the steps required to mitigate the risk.

 

2024-09 - P1 - Cloud - Unauthorized Data Leakage in Jira Service Desk via Microsoft To-Do Integration

Summary

In theory, any authorized Jira Service Management customer user would’ve had the ability to create a To-Do sync that creates a new Task for all service requests in their own To-Do list by crafting multiple request against our internal API. This synchronization includes the most essential field details: title, summary and due date of the service request. The issue has been resolved. No action is required from our customers. We haven’t identified any attempt to exploit this issue.