Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

atlassian jira data center vulnerabilities and exploits

(subscribe to this query)

4.3
CVSSv3
CVE-2020-36231
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view the metadata of boards they should not have access to via an Insecure Direct Object References (IDOR) vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0...
Atlassian JiraAtlassian Jira ServerAtlassian Jira Server 8.13.3Atlassian Jira Software Data CenterAtlassian Jira Data CenterAtlassian Jira Data Center 8.13.3
6.1
CVSSv3
CVE-2021-26079
The CardLayoutConfigTable component in Jira Server and Jira Data Center before version 8.5.15, and from version 8.6.0 before version 8.13.7, and from version 8.14.0 before 8.17.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS)...
Atlassian Data CenterAtlassian Jira Data CenterAtlassian JiraAtlassian Jira Server
5.3
CVSSv3
CVE-2020-36289
Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the QueryComponentRendererValue!Default.jspa endpoint. The affected versions are before version 8.5.13, from version 8.6.0...
Atlassian Data CenterAtlassian JiraAtlassian Jira ServerAtlassian Jira Data Center
6.1
CVSSv3
CVE-2021-39111
The Editor plugin in Atlassian Jira Server and Data Center before version 8.5.18, from 8.6.0 before 8.13.10, and from version 8.14.0 before 8.18.2 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the handling of...
Atlassian Data CenterAtlassian Jira Data CenterAtlassian JiraAtlassian Jira Server
5.4
CVSSv3
CVE-2020-14173
The file upload feature in Atlassian Jira Server and Data Center in affected versions allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability. The affected versions are before version 8.5.4, from version 8.6.0 before 8.6.2,...
Atlassian JiraAtlassian Jira ServerAtlassian Jira Software Data CenterAtlassian Jira Data Center
5.3
CVSSv3
CVE-2020-29453
The CachingResourceDownloadRewriteRule class in Jira Server and Jira Data Center before version 8.5.11, from 8.6.0 before 8.13.3, and from 8.14.0 before 8.15.0 allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an...
Atlassian Data CenterAtlassian Jira Data CenterAtlassian Jira Server
7.2
CVSSv3
CVE-2019-15001
The Jira Importers Plugin in Atlassian Jira Server and Data Cente from version with 7.0.10 before 7.6.16, from 7.7.0 before 7.13.8, from 8.0.0 before 8.1.3, from 8.2.0 before 8.2.5, from 8.3.0 before 8.3.4 and from 8.4.0 before 8.4.1 allows remote attackers with Administrator...
Atlassian Jira ServerAtlassian Jira Server 8.4.0Atlassian Jira Data CenterAtlassian Jira Data Center 8.4.0
4.3
CVSSv3
CVE-2019-20106
Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8.0.0 before version 8.5.4, and 8.6.0 before version 8.6.1 allows remote attackers to make comments on a ticket to which they do not have commenting permissions via a broken access control...
Atlassian JiraAtlassian Jira ServerAtlassian Jira Server 8.6.0Atlassian Jira Software Data CenterAtlassian Jira Data CenterAtlassian Jira Data Center 8.6.0
5.3
CVSSv3
CVE-2019-20101
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view whitelist rules via a Broken Access Control vulnerability in the /rest/whitelist/<version>/check endpoint. The affected versions are before version 8.13.3, and from version...
Atlassian Data Center 8Atlassian Data CenterAtlassian Jira 8Atlassian Jira
4.3
CVSSv3
CVE-2020-14174
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view titles of a private project via an Insecure Direct Object References (IDOR) vulnerability in the Administration Permission Helper. The affected versions are before version 7.13.6, from...
Atlassian JiraAtlassian Jira ServerAtlassian Jira Server 8.10.0Atlassian Jira Software Data CenterAtlassian Jira Data CenterAtlassian Jira Data Center 8.10.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
remoteCVE-2022-47986CVE-2023-20963CVE-2023-1013CVE-2022-43628CVE-2023-1014log injectionCVE-2022-43639SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook