Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian bamboo vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2021-26067
Affected versions of Atlassian Bamboo allow an unauthenticated remote malicious user to view a stack trace that may reveal the path for the home directory in disk and if certain files exists on the tmp directory, via a Sensitive Data Exposure vulnerability in the /chart endpoint....
Atlassian Bamboo
801
VMScore
CVE-2018-5224
Bamboo did not correctly check if a configured Mercurial repository URI contained values that the Windows operating system may consider argument parameters. An attacker who has permission to create a repository in Bamboo, edit an existing plan in Bamboo that has a non-linked Merc...
Atlassian Bamboo
580
VMScore
CVE-2015-6576
Bamboo 2.2 prior to 5.8.5 and 5.9.x prior to 5.9.7 allows remote attackers with access to the Bamboo web interface to execute arbitrary Java code via an unspecified resource.
Atlassian Bamboo
3 Github repositories
312
VMScore
CVE-2017-18040
The viewDeploymentVersionCommits resource in Atlassian Bamboo before version 6.2.0 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a release.
Atlassian Bamboo
312
VMScore
CVE-2017-18041
The viewDeploymentVersionJiraIssuesDialog resource in Atlassian Bamboo before version 6.2.0 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a release.
Atlassian Bamboo
605
VMScore
CVE-2017-18080
The saveConfigureSecurity resource in Atlassian Bamboo before version 6.3.1 allows remote malicious users to modify security settings via a Cross-site request forgery (CSRF) vulnerability.
Atlassian Bamboo
383
VMScore
CVE-2017-18081
The signupUser resource in Atlassian Bamboo before version 6.3.1 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the value of the csrf token cookie.
Atlassian Bamboo
312
VMScore
CVE-2017-18082
The plan configure branches resource in Atlassian Bamboo before version 6.2.3 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the name of a branch.
Atlassian Bamboo
801
VMScore
CVE-2017-14590
Bamboo did not check that the name of a branch in a Mercurial repository contained argument parameters. An attacker who has permission to create a repository in Bamboo, edit an existing plan that has a non-linked Mercurialrepository, create or edit a plan when there is at least o...
Atlassian Bamboo
645
VMScore
CVE-2012-2926
Atlassian JIRA prior to 5.0.1; Confluence prior to 3.5.16, 4.0 prior to 4.0.7, and 4.1 prior to 4.1.10; FishEye and Crucible prior to 2.5.8, 2.6 prior to 2.6.8, and 2.7 prior to 2.7.12; Bamboo prior to 3.3.4 and 3.4.x prior to 3.4.5; and Crowd prior to 2.0.9, 2.1 prior to 2.1.2, ...
Atlassian Bamboo
Atlassian Confluence
Atlassian Confluence Server
Atlassian Crowd
Atlassian Crucible
Atlassian Fisheye
Atlassian Jira
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »