Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian jira server and data center vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-36801
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote malicious users to inject arbitrary HTML or JavaScript via a Reflected Cross-Site Scripting (RXSS) vulnerability in the TeamManagement.jspa endpoint. The affected versions are before version 8.20.8.
Atlassian Jira Data Center
Atlassian Jira Server
NA
CVE-2022-36799
This issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been implemented. Affected versions of Atlassian Jira Server and Data Center allowed remote attackers with system administrator permissions to execute arbitrary...
Atlassian Jira Data Center
Atlassian Jira Server
4
CVSSv2
CVE-2022-26135
A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated user (including a user who joined via the sign-up feature) to perform a full read server-side request forgery via a batch endpoint. This affects Atlassian Jira Server and Data Center f...
Atlassian Jira Service Management
Atlassian Jira Data Center
Atlassian Jira Server
Atlassian Jira Service Desk
3 Github repositories
6.8
CVSSv2
CVE-2022-0540
A vulnerability in Jira Seraph allows a remote, unauthenticated malicious user to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions prior to 8.13.18, versions 8.14.0 and later prior to 8.20.6, and versio...
Atlassian Jira Service Management
Atlassian Jira Data Center
Atlassian Jira Server
2 Github repositories
6.5
CVSSv2
CVE-2021-43944
This issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been implemented. Affected versions of Atlassian Jira Server and Data Center allowed remote attackers with system administrator permissions to execute arbitrary...
Atlassian Jira Server
Atlassian Jira Data Center
3.5
CVSSv2
CVE-2021-43945
Affected versions of Atlassian Jira Server and Data Center allow remote attackers with Roadmaps Administrator permissions to inject arbitrary HTML or JavaScript via a Stored Cross-Site Scripting (SXSS) vulnerability in the /rest/jpo/1.0/hierarchyConfiguration endpoint. The affect...
Atlassian Data Center
Atlassian Jira
4.3
CVSSv2
CVE-2021-43941
Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to modify several resources (including CsvFieldMappingsPage.jspa and ImporterValueMappingsPage.jspa) via a Cross-Site Request Forgery (CSRF) vulnerability in the jira-importers-plugin. The aff...
Atlassian Jira Server
Atlassian Jira Data Center
4.3
CVSSv2
CVE-2021-43953
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote malicious users to toggle the Thread Contention and CPU monitoring settings via a Cross-Site Request Forgery (CSRF) vulnerability in the /secure/admin/ViewInstrumentation.jspa endpoint. The af...
Atlassian Data Center
Atlassian Jira
4.3
CVSSv2
CVE-2021-43952
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote malicious users to restore the default configuration of fields via a Cross-Site Request Forgery (CSRF) vulnerability in the /secure/admin/RestoreDefaults.jspa endpoint. The affected versions a...
Atlassian Jira Server
Atlassian Jira Data Center
9
CVSSv2
CVE-2021-43947
Affected versions of Atlassian Jira Server and Data Center allow remote attackers with administrator privileges to execute arbitrary code via a Remote Code Execution (RCE) vulnerability in the Email Templates feature. This issue bypasses the fix of https://jira.atlassian.com/brow...
Atlassian Data Center
Atlassian Jira Data Center
Atlassian Jira
Atlassian Jira Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »