Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
atlassian jira software data center vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2020-36231
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view the metadata of boards they should not have access to via an Insecure Direct Object References (IDOR) vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0...
Atlassian Jira
Atlassian Jira 8.13.3
Atlassian Jira Software Data Center
Atlassian Jira Software Data Center 8.13.3
4
CVSSv2
CVE-2020-14174
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view titles of a private project via an Insecure Direct Object References (IDOR) vulnerability in the Administration Permission Helper. The affected versions are before version 7.13.6, from...
Atlassian Jira
Atlassian Jira 8.10.0
Atlassian Jira Software Data Center
Atlassian Jira Software Data Center 8.10.0
4
CVSSv2
CVE-2019-20106
Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8.0.0 before version 8.5.4, and 8.6.0 before version 8.6.1 allows remote attackers to make comments on a ticket to which they do not have commenting permissions via a broken access control...
Atlassian Jira
Atlassian Jira 8.6.0
Atlassian Jira Software Data Center
Atlassian Jira Software Data Center 8.6.0
3.5
CVSSv2
CVE-2020-4024
The attachment download resource in Atlassian Jira Server and Data Center before 8.5.5, and from 8.6.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability issue attachments with a...
Atlassian Jira
Atlassian Jira Software Data Center
NA
CVE-2021-41304
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the /secure/admin/ImporterFinishedPage.jspa error message. The affected versions are before...
5
CVSSv2
CVE-2020-36235
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view custom field and custom SLA names via an Information Disclosure vulnerability in the mobile site view. The affected versions are before version 8.13.2, and from version...
Atlassian Jira
Atlassian Jira Software Data Center
NA
CVE-2021-41307
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view the names of private projects and private filters via an Insecure Direct Object References (IDOR) vulnerability in the Workload Pie Chart Gadget. The affected versions are...
4
CVSSv2
CVE-2019-20404
The API in Atlassian Jira Server and Data Center before version 8.6.0 allows authenticated remote attackers to determine project titles they do not have access to via an improper authorization vulnerability....
Atlassian Jira
Atlassian Jira Software Data Center
4.3
CVSSv2
CVE-2019-20100
The Atlassian Application Links plugin is vulnerable to cross-site request forgery (CSRF). The following versions are affected: all versions prior to 5.4.21, from version 6.0.0 before version 6.0.12, from version 6.1.0 before version 6.1.2, from version 7.0.0 before version...
Atlassian Jira
Atlassian Jira Software Data Center
4.3
CVSSv2
CVE-2020-4022
The attachment download resource in Atlassian Jira Server and Data Center before 8.5.5, and from 8.6.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability issue attachments with a...
Atlassian Jira
Atlassian Jira Software Data Center
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-40449
bypass
hard-coded
CVE-2021-26609
CVE-2020-20908
CVE-2021-34859
CVE-2021-41158
file upload
CVE-2021-41163
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »
Vulmon