Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian jira server vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2019-20900
Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the Add Field module. The affected versions are before version 8.7.0.
Atlassian Jira Server
Atlassian Jira Data Center
7.2
CVSSv3
CVE-2021-43944
This issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been implemented. Affected versions of Atlassian Jira Server and Data Center allowed remote attackers with system administrator permissions to execute arbitrary...
Atlassian Jira Server
Atlassian Jira Data Center
6.5
CVSSv3
CVE-2021-43946
Affected versions of Atlassian Jira Server and Data Center allow authenticated remote malicious users to add administrator groups to filter subscriptions via a Broken Access Control vulnerability in the /secure/EditSubscription.jspa endpoint. The affected versions are before vers...
Atlassian Jira Data Center
Atlassian Jira Server
4.3
CVSSv3
CVE-2021-41313
Affected versions of Atlassian Jira Server and Data Center allow authenticated but non-admin remote malicious users to edit email batch configurations via an Improper Authorization vulnerability in the /secure/admin/ConfigureBatching!default.jspa endpoint. The affected versions a...
Atlassian Jira Server
Atlassian Jira Data Center
6.5
CVSSv3
CVE-2021-39126
Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to modify various resources via a Cross-Site Request Forgery (CSRF) vulnerability, following an Information Disclosure vulnerability in the referrer headers which discloses a user's CSRF ...
Atlassian Jira Data Center
Atlassian Jira Server
7.2
CVSSv3
CVE-2022-36799
This issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been implemented. Affected versions of Atlassian Jira Server and Data Center allowed remote attackers with system administrator permissions to execute arbitrary...
Atlassian Jira Data Center
Atlassian Jira Server
6.1
CVSSv3
CVE-2022-36801
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote malicious users to inject arbitrary HTML or JavaScript via a Reflected Cross-Site Scripting (RXSS) vulnerability in the TeamManagement.jspa endpoint. The affected versions are before version 8.20.8.
Atlassian Jira Data Center
Atlassian Jira Server
5.3
CVSSv3
CVE-2020-14179
Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated malicious users to view custom field names and custom SLA names via an Information Disclosure vulnerability in the /secure/QueryComponent!Default.jspa endpoint. The affected versions are befo...
Atlassian Jira Server
Atlassian Jira Data Center
5 Github repositories
6.5
CVSSv3
CVE-2021-43941
Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to modify several resources (including CsvFieldMappingsPage.jspa and ImporterValueMappingsPage.jspa) via a Cross-Site Request Forgery (CSRF) vulnerability in the jira-importers-plugin. The aff...
Atlassian Jira Server
Atlassian Jira Data Center
5.3
CVSSv3
CVE-2019-20403
The API in Atlassian Jira Server and Data Center before version 8.6.0 allows remote malicious users to determine if a Jira project key exists or not via an information disclosure vulnerability.
Atlassian Jira Server
Atlassian Jira Data Center
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »