CVE-2025-22174

Name of the Vulnerable Software and Affected Versions Jira Align (affected versions not specified)

Description A low-privilege user can access unexpected API endpoints, potentially disclosing a limited amount of sensitive information. An example of this issue involves a user with limited permissions being able to view portfolio rooms without the necessary authorization. The affected API endpoints allow unauthorized access to data.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.