Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

atlassian jira 3.12.1 vulnerabilities and exploits

(subscribe to this query)

NA
CVE-2010-1165
Atlassian JIRA 3.12 through 4.1 allows remote authenticated administrators to execute arbitrary code by modifying the (1) attachment (aka attachments), (2) index (aka indexing), or (3) backup path and then uploading a file, as exploited in the wild in April 2010....
Atlassian Jira 3.12Atlassian Jira 3.13.3Atlassian Jira 3.13.1Atlassian Jira 3.13.2Atlassian Jira 4.1Atlassian Jira 3.12.3Atlassian Jira 3.13Atlassian Jira 4.0.1Atlassian Jira 4.0.2Atlassian Jira 3.13.4Atlassian Jira 3.12.1Atlassian Jira 3.12.2Atlassian Jira 3.13.5Atlassian Jira 4.0
NA
CVE-2010-1164
Multiple cross-site scripting (XSS) vulnerabilities in Atlassian JIRA 3.12 through 4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) element or (2) defaultColor parameter to the Colour Picker page; the (3) formName parameter, (4) element parameter, or...
Atlassian Jira 3.13.1Atlassian Jira 3.13.2Atlassian Jira 3.12.3Atlassian Jira 3.13Atlassian Jira 4.0.2Atlassian Jira 4.1Atlassian Jira 3.12.1Atlassian Jira 3.12.2Atlassian Jira 4.0Atlassian Jira 4.0.1Atlassian Jira 3.12Atlassian Jira 3.13.3Atlassian Jira 3.13.4Atlassian Jira 3.13.5
NA
CVE-2008-6531
The WebWork 1 web application framework in Atlassian JIRA before 3.13.2 allows remote attackers to invoke exposed public JIRA methods via a crafted URL that is dynamically transformed into method calls, aka "WebWork 1 Parameter Injection Hole."...
Atlassian Jira 3.13.1Atlassian Jira 3.13Atlassian Jira 3.12.2Atlassian Jira 3.12Atlassian Jira 3.10.2Atlassian Jira 3.10Atlassian Jira 3.9.3Atlassian Jira 3.9.2Atlassian Jira 3.9.1Atlassian Jira 3.9Atlassian Jira 3.8.1Atlassian Jira 3.7.4Atlassian Jira 3.7.2Atlassian Jira 3.7Atlassian Jira 3.6.4Atlassian Jira 3.6.2Atlassian Jira 3.6Atlassian JiraAtlassian Jira 3.12.3Atlassian Jira 3.12.1Atlassian Jira 3.11Atlassian Jira 3.10.1Atlassian Jira 3.8Atlassian Jira 3.7.3Atlassian Jira 3.7.1Atlassian Jira 3.6.5Atlassian Jira 3.6.3Atlassian Jira 3.6.1Atlassian Jira 3.5.3Atlassian Jira 3.5.1Atlassian Jira 3.4.3Atlassian Jira 3.4.2Atlassian Jira 3.4.1Atlassian Jira 3.3.3Atlassian Jira 3.3.2Atlassian Jira 3.3.1Atlassian Jira 3.2.3Atlassian Jira 3.2.1Atlassian Jira 3.1.1Atlassian Jira 3.0.3Atlassian Jira 3.0.1Atlassian Jira 2.6.1Atlassian Jira 2.5.3Atlassian Jira 3.3Atlassian Jira 3.2.2Atlassian Jira 3.2Atlassian Jira 3.1Atlassian Jira 3.0.2Atlassian Jira 3.0Atlassian Jira 3.5.2Atlassian Jira 3.5Atlassian Jira 2.6Atlassian Jira 2.5.2Atlassian Jira 2.4.1Atlassian Jira 2.2.1Atlassian Jira 2.1Atlassian Jira 2.5.1Atlassian Jira 2.3Atlassian Jira 2.2
NA
CVE-2007-6619
The Setup Wizard in Atlassian JIRA Enterprise Edition before 3.12.1 does not properly restrict setup attempts after setup is complete, which allows remote attackers to change the default language....
Atlassian Jira
NA
CVE-2007-6618
JIRA Enterprise Edition before 3.12.1 allows remote attackers to delete another user's shared filter via a modified filter ID....
Atlassian Jira
NA
CVE-2007-6617
Cross-site scripting (XSS) vulnerability in 500page.jsp in JIRA Enterprise Edition before 3.12.1 allows remote attackers to inject arbitrary web script or HTML, which is not properly handled when generating error messages, as demonstrated by input originally sent in the URI to...
Atlassian Jira
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
remoteCVE-2022-47986CVE-2023-20963CVE-2023-1013CVE-2022-43628CVE-2023-1014log injectionCVE-2022-43639SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook