Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

atlassian jira 8.13.3 vulnerabilities and exploits

(subscribe to this query)

4
CVSSv2
CVE-2020-36231
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view the metadata of boards they should not have access to via an Insecure Direct Object References (IDOR) vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0...
Atlassian JiraAtlassian Jira 8.13.3Atlassian Jira Software Data CenterAtlassian Jira Software Data Center 8.13.3
5
CVSSv2
CVE-2019-20101
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view whitelist rules via a Broken Access Control vulnerability in the /rest/whitelist/<version>/check endpoint. The affected versions are before version 8.13.3, and from version...
Atlassian Data Center 8Atlassian Data CenterAtlassian Jira 8Atlassian Jira
4.3
CVSSv2
CVE-2020-36236
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the ViewWorkflowSchemes.jspa and ListWorkflows.jspa endpoints. The affected versions are before version...
Atlassian JiraAtlassian Jira Software Data Center
5
CVSSv2
CVE-2021-26069
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to download temporary files and enumerate project keys via an Information Disclosure vulnerability in the /rest/api/1.0/issues/{id}/ActionsAndOperations API endpoint. The affected...
Atlassian Data CenterAtlassian Jira
5
CVSSv2
CVE-2020-29453
The CachingResourceDownloadRewriteRule class in Jira Server and Jira Data Center before version 8.5.11, from 8.6.0 before 8.13.3, and from 8.14.0 before 8.15.0 allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an...
Atlassian Data CenterAtlassian Jira
6.4
CVSSv2
CVE-2021-26070
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to evade behind-the-firewall protection of app-linked resources via a Broken Authentication vulnerability in the `makeRequest` gadget resource. The affected versions are before version 8.13.3, and...
Atlassian Data CenterAtlassian Jira
3.5
CVSSv2
CVE-2020-36234
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the Screens Modal view. The affected versions are before version 8.5.11, from version 8.6.0 before 8.13.3,...
Atlassian Data CenterAtlassian Jira
4
CVSSv2
CVE-2020-29451
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate Jira projects via an Information Disclosure vulnerability in the Jira Projects plugin report page. The affected versions are before version 8.5.11, from version 8.6.0 before 8.13.3,...
Atlassian Data CenterAtlassian Jira
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-37933CVE-2021-41773CVE-2021-36389CVE-2021-40449path traversalCVE-2021-42336CVE-2021-40987buffer overflowHTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook