Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian bamboo vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2017-18041
The viewDeploymentVersionJiraIssuesDialog resource in Atlassian Bamboo before version 6.2.0 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a release.
Atlassian Bamboo
NA
CVE-2023-52240
The Kantega SAML SSO OIDC Kerberos Single Sign-on apps prior to 6.20.0 for Atlassian products allow XSS if SAML POST Binding is enabled. This affects 4.4.2 up to and including 4.14.8 prior to 4.14.9, 5.0.0 up to and including 5.11.4 prior to 5.11.5, and 6.0.0 up to and including ...
Kantega-sso Kantega Saml Sso Oidc Kerberos Single Sign-on
NA
CVE-2023-22516
This High severity RCE (Remote Code Execution) vulnerability was introduced in versions 8.1.0, 8.2.0, 9.0.0, 9.1.0, 9.2.0, and 9.3.0 of Bamboo Data Center and Server. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.5, allows an authenticated malicious user ...
Atlassian Bamboo
NA
CVE-2023-22506
This High severity Injection and RCE (Remote Code Execution) vulnerability known as CVE-2023-22506 was introduced in version 8.0.0 of Bamboo Data Center. This Injection and RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.5, allows an authenticated malicious user...
Atlassian Bamboo Data Center
Atlassian Bamboo Server
NA
CVE-2022-26136
A vulnerability in multiple Atlassian products allows a remote, unauthenticated malicious user to bypass Servlet Filters used by first and third party apps. The impact depends on which filters are used by each app, and how the filters are used. This vulnerability can result in au...
Atlassian Confluence Data Center 7.18.0
Atlassian Confluence Data Center
Atlassian Confluence Server 7.18.0
Atlassian Confluence Server
Atlassian Bitbucket 8.0.0
Atlassian Bitbucket 8.1.0
Atlassian Crowd
Atlassian Crowd 5.0.0
Atlassian Crucible
Atlassian Fisheye
Atlassian Jira Data Center
Atlassian Jira Server
Atlassian Jira Service Management
Atlassian Bamboo
Atlassian Bitbucket
Atlassian Jira Service Desk
1 Article
NA
CVE-2022-26137
A vulnerability in multiple Atlassian products allows a remote, unauthenticated malicious user to cause additional Servlet Filters to be invoked when the application processes requests or responses. Atlassian has confirmed and fixed the only known security issue associated with t...
Atlassian Confluence Data Center 7.18.0
Atlassian Confluence Data Center
Atlassian Confluence Server 7.18.0
Atlassian Confluence Server
Atlassian Bitbucket 8.0.0
Atlassian Bitbucket 8.1.0
Atlassian Crowd
Atlassian Crowd 5.0.0
Atlassian Crucible
Atlassian Fisheye
Atlassian Jira Data Center
Atlassian Jira Server
Atlassian Jira Service Management
Atlassian Bamboo
Atlassian Bitbucket
Atlassian Jira Service Desk
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3