Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jira vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-20100
The Atlassian Application Links plugin is vulnerable to cross-site request forgery (CSRF). The following versions are affected: all versions before 5.4.21, from version 6.0.0 before version 6.0.12, from version 6.1.0 before version 6.1.2, from version 7.0.0 before version 7.0.2, ...
Atlassian Jira
Atlassian Jira Server
Atlassian Jira Data Center
3.5
CVSSv2
CVE-2020-14184
Affected versions of Atlassian Jira Server allow remote malicious users to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in Jira issue filter export files. The affected versions are prior to 8.5.9, from version 8.6.0 prior to 8.12.3, and from ...
Atlassian Jira
Atlassian Jira Server
Atlassian Jira Server 8.13.0
9
CVSSv2
CVE-2019-15001
The Jira Importers Plugin in Atlassian Jira Server and Data Cente from version with 7.0.10 prior to 7.6.16, from 7.7.0 prior to 7.13.8, from 8.0.0 prior to 8.1.3, from 8.2.0 prior to 8.2.5, from 8.3.0 prior to 8.3.4 and from 8.4.0 prior to 8.4.1 allows remote attackers with Admin...
Atlassian Jira Server
Atlassian Jira Server 8.4.0
Atlassian Jira Data Center
Atlassian Jira Data Center 8.4.0
5
CVSSv2
CVE-2021-41307
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote malicious users to view the names of private projects and private filters via an Insecure Direct Object References (IDOR) vulnerability in the Workload Pie Chart Gadget. The affected versions ...
Atlassian Jira
Atlassian Jira Server
Atlassian Jira Software Data Center
5
CVSSv2
CVE-2020-36235
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote malicious users to view custom field and custom SLA names via an Information Disclosure vulnerability in the mobile site view. The affected versions are before version 8.13.2, and from version...
Atlassian Jira
Atlassian Jira Server
Atlassian Jira Software Data Center
5
CVSSv2
CVE-2021-41306
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote malicious users to view private project and filter names via an Insecure Direct Object References (IDOR) vulnerability in the Average Time in Status Gadget. The affected versions are before version ...
Atlassian Jira
Atlassian Jira Software Data Center
Atlassian Jira Server
6.8
CVSSv2
CVE-2022-0540
A vulnerability in Jira Seraph allows a remote, unauthenticated malicious user to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions prior to 8.13.18, versions 8.14.0 and later prior to 8.20.6, and versio...
Atlassian Jira Service Management
Atlassian Jira Data Center
Atlassian Jira Server
1 Github repository
3.5
CVSSv2
CVE-2021-26082
The XML Export in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 prior to 8.13.6, and from version 8.14.0 prior to 8.17.0 allows remote malicious users to inject arbitrary HTML or JavaScript via a stored cross site scripting vulnerability.
Atlassian Data Center
Atlassian Jira Data Center
Atlassian Jira
Atlassian Jira Server
5
CVSSv2
CVE-2021-26069
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote malicious users to download temporary files and enumerate project keys via an Information Disclosure vulnerability in the /rest/api/1.0/issues/{id}/ActionsAndOperations API endpoint. The affec...
Atlassian Data Center
Atlassian Jira Data Center
Atlassian Jira
Atlassian Jira Server
3.5
CVSSv2
CVE-2021-26071
The SetFeatureEnabled.jspa resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous malicious users to enable and disable Jira Software configuration via a cross-...
Atlassian Data Center
Atlassian Jira Data Center
Atlassian Jira
Atlassian Jira Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »