atlassian jira server and data center vulnerabilities and exploits

(subscribe to this query)

A vulnerability in Jira Seraph allows a remote, unauthenticated malicious user to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions prior to 8.13.18, versions 8.14.0 and later prior to 8.20.6, and versio...

Atlassian Jira Service Management Atlassian Jira Data Center Atlassian Jira Server

2 Github repositories

This issue exists to document that a security improvement in the way that Jira Server and Data Center use velocity templates has been implemented. The way in which velocity templates were used in Atlassian Jira Server and Data Center in affected versions allowed remote malicious ...

Atlassian Jira Atlassian Jira Software Data Center

The way in which velocity templates were used in Atlassian Jira Server and Data Center prior to version 8.8.0 allowed remote malicious users to gain remote code execution if they were able to exploit a server side template injection vulnerability.

Atlassian Jira Atlassian Jira Software Data Center

Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to execute arbitrary code via a DLL hijacking vulnerability in Tomcat. The affected versions are before version 8.5.5, and from version 8.6.0 prior to 8.7.2.

Atlassian Jira Server Atlassian Jira Data Center

Affected versions of Atlassian Jira Server and Data Center allow attackers with access to an administrator account that has had its access revoked to modify projects' Users & Roles settings, via a Broken Authentication vulnerability in the /plugins/servlet/project-config...

Atlassian Jira Software Data Center

Affected versions of Atlassian Jira Server and Data Center allow a remote attacker who has had their access revoked from Jira Service Management to enable and disable Issue Collectors on Jira Service Management projects via an Improper Authentication vulnerability in the /secure/...

Atlassian Data Center Atlassian Jira

Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote malicious users to view the names of private projects and private filters via an Insecure Direct Object References (IDOR) vulnerability in the Workload Pie Chart Gadget. The affected versions ...

Atlassian Jira Atlassian Jira Server Atlassian Jira Software Data Center

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote malicious users to view the names of private projects and filters via an Insecure Direct Object References (IDOR) vulnerability in the Average Number of Times in Status Gadget. The affected versions...

Atlassian Jira Atlassian Jira Software Data Center

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote malicious users to view private project and filter names via an Insecure Direct Object References (IDOR) vulnerability in the Average Time in Status Gadget. The affected versions are before version ...

Atlassian Jira Atlassian Jira Software Data Center Atlassian Jira Server

Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote malicious users to impact the application's availability via a Denial of Service (DoS) vulnerability in the /rest/gadget/1.0/createdVsResolved/generate endpoint. The affected versions are...

Atlassian Data Center Atlassian Jira

1 2 3 4 5 6 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook