Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian jira vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2018-20232
The labels widget gadget in Atlassian Jira before version 7.6.11 and from version 7.7.0 before version 7.13.1 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the rendering of retrieved content from a url locat...
Atlassian Jira
Atlassian Jira Server
6.1
CVSSv3
CVE-2018-13401
The XsrfErrorAction resource in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, fr...
Atlassian Jira
Atlassian Jira Server
7.5
CVSSv3
CVE-2019-8442
The CachingResourceDownloadRewriteRule class in Jira before version 7.13.4, and from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote malicious users to access files in the Jira webroot under the META-INF directory via a lax path acces...
Atlassian Jira
Atlassian Jira Server
8.1
CVSSv3
CVE-2019-8443
The ViewUpgrades resource in Jira before version 7.13.4, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers who have obtained access to administrator's session to access the ViewUpgrades administrative resource withou...
Atlassian Jira
Atlassian Jira Server
4.3
CVSSv3
CVE-2019-11586
The AddResolution.jspa resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote malicious users to create new resolutions via a Cross-site request forgery (CSRF) vulnerability.
Atlassian Jira
Atlassian Jira Server
6.5
CVSSv3
CVE-2019-11587
Various exposed resources of the ViewLogging class in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allow remote malicious users to modify various settings via Cross-site request forgery (CSRF).
Atlassian Jira
Atlassian Jira Server
6.5
CVSSv3
CVE-2017-18101
Various administrative external system import resources in Atlassian JIRA Server (including JIRA Core) before version 7.6.5, from version 7.7.0 before version 7.7.3, from version 7.8.0 before version 7.8.3 and before version 7.9.0 allow remote malicious users to run import operat...
Atlassian Jira
Atlassian Jira Server
5.9
CVSSv3
CVE-2017-18104
The Webhooks component of Atlassian Jira before version 7.6.7 and from version 7.7.0 before version 7.11.0 allows remote attackers who are able to observe or otherwise intercept webhook events to learn information about changes in issues that should not be sent because they are n...
Atlassian Jira
Atlassian Jira Server
5.3
CVSSv3
CVE-2020-14185
Affected versions of Jira Server allow remote unauthenticated malicious users to enumerate issue keys via a missing permissions check in the ActionsAndOperations resource. The affected versions are prior to 7.13.18, from version 8.0.0 prior to 8.5.9, and from version 8.6.0 before...
Atlassian Jira
Atlassian Jira Server
7.5
CVSSv3
CVE-2018-5231
The ForgotLoginDetails resource in Atlassian Jira before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0 before version 7.8.4 and from version 7.9.0 before version 7.9.2 allows remote malicious users to perform a denial of service attack via sending req...
Atlassian Jira
Atlassian Jira Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »