Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hipchat vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2017-14585
A Server Side Request Forgery (SSRF) vulnerability could lead to remote code execution for authenticated administrators. This issue was introduced in version 2.2.0 of Hipchat Server and version 3.0.0 of Hipchat Data Center. Versions of Hipchat Server starting with 2.2.0 and prior...
Atlassian Hipchat Data Center
Atlassian Hipchat Server
4.3
CVSSv2
CVE-2017-8058
Acceptance of invalid/self-signed TLS certificates in Atlassian HipChat prior to 3.16.2 for iOS allows a man-in-the-middle and/or physically proximate malicious user to silently intercept information sent during the login API call.
Atlassian Hipchat
4
CVSSv2
CVE-2018-1000418
An improper authorization vulnerability exists in Jenkins HipChat Plugin 2.2.0 and previous versions in HipChatNotifier.java that allows attackers with Overall/Read access to send test notifications to an attacker-specified HipChat server with attacker-specified credentials IDs o...
Atlassian Hipchat
4
CVSSv2
CVE-2018-1000419
An improper authorization vulnerability exists in Jenkins HipChat Plugin 2.2.0 and previous versions in HipChatNotifier.java that allows attackers with Overall/Read access to obtain credentials IDs for credentials stored in Jenkins.
Atlassian Hipchat
6.5
CVSSv2
CVE-2015-5603
The HipChat for JIRA plugin prior to 6.30.0 for Atlassian JIRA allows remote authenticated users to execute arbitrary Java code via unspecified vectors, related to "Velocity Template Injection Vulnerability."
Atlassian Hipchat
2 EDB exploits
7.5
CVSSv2
CVE-2017-14586
The Hipchat for Mac desktop client is vulnerable to client-side remote code execution via video call link parsing. Hipchat for Mac desktop clients at or above version 4.0 and before version 4.30 are affected by this vulnerability.
Atlassian Hipchat
5
CVSSv2
CVE-2016-6668
The Atlassian Hipchat Integration Plugin for Bitbucket Server 6.26.0 prior to 6.27.5, 6.28.0 prior to 7.3.7, and 7.4.0 prior to 7.8.17; Confluence HipChat plugin 6.26.0 prior to 7.8.17; and HipChat for JIRA plugin 6.26.0 prior to 7.8.17 allows remote malicious users to obtain the...
Atlassian Confluence Server 5.5.0
Atlassian Confluence Server 5.9.6
Atlassian Confluence Server 5.9.5
Atlassian Confluence Server 5.9.8
Atlassian Confluence Server 5.9.7
Atlassian Confluence Server 5.9.2
Atlassian Confluence Server 5.9.1
Atlassian Confluence Server 5.9.4
Atlassian Confluence Server 5.9.3
Atlassian Confluence Server 5.10.1
Atlassian Confluence Server 5.9.10
Atlassian Confluence Server 5.9.11
Atlassian Confluence Server 5.9.12
Atlassian Confluence Server 5.10.0
Atlassian Confluence Server 5.10.2
Atlassian Confluence Server 5.9.9
Atlassian Confluence Server 5.10.3
Atlassian Jira Integration For Hipchat 7.4.1
Atlassian Jira Integration For Hipchat 7.3.3
Atlassian Jira Integration For Hipchat 6.26.0
Atlassian Jira Integration For Hipchat 7.1.0
Atlassian Jira Integration For Hipchat 6.26.10
6.5
CVSSv2
CVE-2017-8080
Atlassian Hipchat Server prior to 2.2.4 allows remote authenticated users with user level privileges to execute arbitrary code via vectors involving image uploads.
Atlassian Hipchat Server
6.5
CVSSv2
CVE-2017-7357
Hipchat Server prior to 2.2.3 allows remote authenticated users with Server Administrator level privileges to execute arbitrary code by importing a file.
Atlassian Hipchat Server
6.5
CVSSv2
CVE-2018-18646
An issue exists in GitLab Community and Enterprise Edition prior to 11.2.7, 11.3.x prior to 11.3.8, and 11.4.x prior to 11.4.3. It allows SSRF.
Gitlab Gitlab
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-24955
man-in-the-middle
dos
CVE-2024-2818
CVE-2024-30584
CVE-2024-31134
camera
CVE-2023-45866
CVE-2024-30585
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started