CVE-2021-41307

Name of the Vulnerable Software and Affected Versions Atlassian Jira Server and Data Center versions prior to 8.13.12 Atlassian Jira Server and Data Center versions 8.14.0 through 8.19.x

Description The issue allows unauthenticated remote attackers to view the names of private projects and private filters via an Insecure Direct Object References (IDOR) vulnerability in the Workload Pie Chart Gadget.

Recommendations For versions prior to 8.13.12, update to version 8.13.12 or later. For versions 8.14.0 through 8.19.x, update to version 8.20.0 or later. As a temporary workaround, consider disabling the Workload Pie Chart Gadget until a patch is available.