Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian jira software data center vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-20413
Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to impact the application's availability via a Denial of Service (DoS) vulnerability on the UserPickerBrowser.jspa page. The affected versions are before version 7.13.9, and from version ...
Atlassian Jira
Atlassian Jira Server
Atlassian Jira Software Data Center
Atlassian Jira Data Center
6.5
CVSSv3
CVE-2021-41308
Affected versions of Atlassian Jira Server and Data Center allow authenticated yet non-administrator remote malicious users to edit the File Replication settings via a Broken Access Control vulnerability in the `ReplicationSettings!default.jspa` endpoint. The affected versions ar...
Atlassian Jira
Atlassian Jira Software Data Center
Atlassian Jira Server
Atlassian Jira Data Center
6.5
CVSSv3
CVE-2019-20897
The avatar upload feature in affected versions of Atlassian Jira Server and Data Center allows remote malicious users to achieve Denial of Service via a crafted PNG file. The affected versions are before version 8.5.4, from version 8.6.0 prior to 8.6.2, and from version 8.7.0 pri...
Atlassian Jira
Atlassian Jira Server
Atlassian Jira Software Data Center
Atlassian Jira Data Center
6.5
CVSSv3
CVE-2019-20418
Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to prevent users from accessing the instance via an Application Denial of Service vulnerability in the /rendering/wiki endpoint. The affected versions are before version 8.8.0.
Atlassian Jira
Atlassian Jira Software Data Center
6.5
CVSSv3
CVE-2019-20410
Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to view sensitive information via an Information Disclosure vulnerability in the comment restriction feature. The affected versions are before version 7.6.17, from version 7.7.0 prior to 7.13....
Atlassian Jira
Atlassian Jira Server
Atlassian Jira Software Data Center
Atlassian Jira Data Center
6.1
CVSSv3
CVE-2021-41310
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote malicious users to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the Associated Projects feature (/secure/admin/AssociatedProjectsForCustomField.jspa). The af...
Atlassian Jira Software Data Center
6.1
CVSSv3
CVE-2020-36236
Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the ViewWorkflowSchemes.jspa and ListWorkflows.jspa endpoints. The affected versions are before version...
Atlassian Jira
Atlassian Jira Server
Atlassian Jira Software Data Center
Atlassian Jira Data Center
6.1
CVSSv3
CVE-2020-4022
The attachment download resource in Atlassian Jira Server and Data Center prior to 8.5.5, and from 8.6.0 prior to 8.8.2, and from 8.9.0 prior to 8.9.1 allows remote malicious users to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability issue attachm...
Atlassian Jira
Atlassian Jira Server
Atlassian Jira Software Data Center
Atlassian Jira Data Center
6.1
CVSSv3
CVE-2020-14164
The WYSIWYG editor resource in Jira Server and Data Center before version 8.8.2 allows remote malicious users to inject arbitrary HTML or JavaScript names via an Cross Site Scripting (XSS) vulnerability by pasting javascript code into the editor field.
Atlassian Jira
Atlassian Jira Software Data Center
6.1
CVSSv3
CVE-2020-14169
The quick search component in Atlassian Jira Server and Data Center prior to 8.9.1 allows remote malicious users to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability
Atlassian Jira
Atlassian Jira Software Data Center
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
CVE-2023-52162
CVE-2024-23670
CVE-2024-5404
man-in-the-middle
CVE-2024-5214
CVE-2024-4358
CVE-2024-20696
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »