Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

atlassian jira 3.13.5 vulnerabilities and exploits

(subscribe to this query)

4.3
CVSSv2
CVE-2010-1164
Multiple cross-site scripting (XSS) vulnerabilities in Atlassian JIRA 3.12 through 4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) element or (2) defaultColor parameter to the Colour Picker page; the (3) formName parameter, (4) element parameter, or...
Atlassian Jira 3.12Atlassian Jira 3.12.1Atlassian Jira 3.12.2Atlassian Jira 3.12.3Atlassian Jira 3.13Atlassian Jira 3.13.1Atlassian Jira 3.13.2Atlassian Jira 3.13.3Atlassian Jira 3.13.4Atlassian Jira 3.13.5Atlassian Jira 4.0Atlassian Jira 4.0.1Atlassian Jira 4.0.2Atlassian Jira 4.1
9
CVSSv2
CVE-2010-1165
Atlassian JIRA 3.12 through 4.1 allows remote authenticated administrators to execute arbitrary code by modifying the (1) attachment (aka attachments), (2) index (aka indexing), or (3) backup path and then uploading a file, as exploited in the wild in April 2010....
Atlassian Jira 3.12Atlassian Jira 3.12.1Atlassian Jira 3.12.2Atlassian Jira 3.12.3Atlassian Jira 3.13Atlassian Jira 3.13.1Atlassian Jira 3.13.2Atlassian Jira 3.13.3Atlassian Jira 3.13.4Atlassian Jira 3.13.5Atlassian Jira 4.0Atlassian Jira 4.0.1Atlassian Jira 4.0.2Atlassian Jira 4.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
wirelesstoodeequinn projecttype confusionCVE-2021-26857scratchpadCVE-2020-29020man-in-the-middleibmCVE-2021-26971CVE-2021-28032CVE-2021-21725CVE-2021-26855