VYPR
Medium severity6.5NVD Advisory· Published Jun 30, 2022· Updated Jun 17, 2026

CVE-2022-26135

CVE-2022-26135

Description

A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated user (including a user who joined via the sign-up feature) to perform a full read server-side request forgery via a batch endpoint. This affects Atlassian Jira Server and Data Center from version 8.0.0 before version 8.13.22, from version 8.14.0 before 8.20.10, from version 8.21.0 before 8.22.4. This also affects Jira Management Server and Data Center versions from version 4.0.0 before 4.13.22, from version 4.14.0 before 4.20.10 and from version 4.21.0 before 4.22.4.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.