May 2026: Microsoft SSO Plugin for Jira & Confluence Elevation of Privilege Vulnerability
CVE-2026-41103 Published on May 12, 2026

Microsoft SSO Plugin for Jira & Confluence Elevation of Privilege Vulnerability
Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network.

Vendor Advisory NVD

Weakness Type

Incorrect Implementation of Authentication Algorithm

The requirements for the software dictate the use of an established authentication algorithm, but the implementation of the algorithm is incorrect. This incorrect implementation may allow authentication to be bypassed.

Products Associated with CVE-2026-41103

stack.watch emails you whenever new vulnerabilities are published in Microsoft Jira Saml Sso Plugin or Microsoft Confluence Saml Sso Plugin. Just hit a watch button to start following.

Microsoft Jira Saml Sso Plugin

Microsoft Confluence Saml Sso Plugin

Affected Versions

Microsoft Confluence SAML SSO plugin:

Version 1.0.0 and below 7.4.0 is affected.

Microsoft JIRA SAML SSO plugin:

Version 1.0.0 and below 1.3.3 is affected.

May 2026: Microsoft SSO Plugin for Jira & Confluence Elevation of Privilege VulnerabilityCVE-2026-41103 Published on May 12, 2026

Weakness Type

Incorrect Implementation of Authentication Algorithm

Products Associated with CVE-2026-41103

Affected Versions

May 2026: Microsoft SSO Plugin for Jira & Confluence Elevation of Privilege Vulnerability
CVE-2026-41103 Published on May 12, 2026