Vulnerabilities > Atlassian > Jira Software Data Center > 8.13.12
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-08 | CVE-2021-41309 | Improper Authentication vulnerability in Atlassian Jira Software Data Center Affected versions of Atlassian Jira Server and Data Center allow a user who has had their Jira Service Management access revoked to export audit logs of another user's Jira Service Management project via a Broken Authentication vulnerability in the /plugins/servlet/audit/resource endpoint. | 5.0 |
| 2021-12-08 | CVE-2021-41311 | Improper Authentication vulnerability in Atlassian Jira Software Data Center Affected versions of Atlassian Jira Server and Data Center allow attackers with access to an administrator account that has had its access revoked to modify projects' Users & Roles settings, via a Broken Authentication vulnerability in the /plugins/servlet/project-config/PROJECT/roles endpoint. | 5.0 |