cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-36803,https://securityvulnerability.io/vulnerability/CVE-2022-36803,Unauthorized Role Escalation in Atlassian Jira Align Server,"The MasterUserEdit API in Atlassian Jira Align Server versions before 10.109.2 is vulnerable to unauthorized role escalation. An authenticated attacker possessing the People role permission can exploit this API to elevate any user's role to that of a Super Admin. This flaw poses significant risks to system integrity and data security, allowing malicious users to gain unrestricted administrative access.",Atlassian,Jira Align,8.8,HIGH,0.0014199999859556556,false,,false,false,false,,,false,false,,2022-10-14T04:15:00.000Z,0
CVE-2022-36802,https://securityvulnerability.io/vulnerability/CVE-2022-36802,Server-Side Request Forgery Vulnerability in Atlassian Jira Align,"The ManageJiraConnectors API in Atlassian Jira Align before version 10.109.2 is vulnerable to a Server-Side Request Forgery (SSRF) attack. This security flaw permits remote, unauthenticated attackers with Super Admin privileges to craft malicious HTTP requests. By exploiting this vulnerability, attackers can gain unauthorized access to sensitive internal network resources, potentially compromising the security and integrity of affected systems.",Atlassian,Jira Align,4.9,MEDIUM,0.0016400000313296914,false,,false,false,false,,,false,false,,2022-10-14T04:15:00.000Z,0