A supply-chain attack could have siphoned sensitive information out of Jira, such as security issues on Atlassian cloud, Bitbucket and on-prem products. The flaws could have also enabled an attacker to take over accounts and to control some of Atlassian s applications, including Jira and Confluence. Jira counts some heavyweights among its fan base: The software-development tool is used by more than 65,000 customers, including the likes of Cisco, Cisco, Pfizer and Visa.
Source: https://threatpost.com/atlassian-bugs-could-have-led-to-1-click-takeover/167203/