Atlassian Jira Improper Authentication Vulnerability - CVE-2021-41308
Affected versions of Atlassian Jira Server and Data Center allow authenticated yet non-administrator remote attackers to edit the File Replication settings via a Broken Access Control vulnerability in the ReplicationSettingsdefault.jspa endpoint. The affected versions are before version 8.6.0 from version 8.7.0 before 8.13.12 and from version 8.14.0 before 8.20.1.