Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian crucible vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2019-15008
The /plugins/servlet/branchreview resource in Atlassian Fisheye and Crucible before version 4.7.3 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the reviewedBranch parameter.
Atlassian Crucible
Atlassian Fisheye
312
VMScore
CVE-2019-15007
The review resource in Atlassian Fisheye and Crucible before version 4.7.3 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the name of a missing branch.
Atlassian Crucible
Atlassian Fisheye
356
VMScore
CVE-2019-15009
The /json/profile/removeStarAjax.do resource in Atlassian Fisheye and Crucible before version 4.8.0 allows remote malicious users to remove another user's favourite setting for a project via an improper authorization vulnerability.
Atlassian Crucible
Atlassian Fisheye
356
VMScore
CVE-2019-15005
The Atlassian Troubleshooting and Support Tools plugin prior to version 1.17.2 allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to a missing authorization check. The email message may contain configuration infor...
Atlassian Troubleshooting And Support
Atlassian Jira
Atlassian Bitbucket
Atlassian Confluence
Atlassian Crowd
Atlassian Fisheye
Atlassian Crucible
Atlassian Bamboo
312
VMScore
CVE-2018-20239
Application Links before version 5.0.11, from version 5.1.0 prior to 5.2.10, from version 5.3.0 prior to 5.3.6, from version 5.4.0 prior to 5.4.12, and from version 6.0.0 prior to 6.0.4 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scriptin...
Atlassian Application Links
Atlassian Fisheye
Atlassian Crucible
Atlassian Jira Server
Atlassian Jira Data Center
Atlassian Confluence Data Center
Atlassian Confluence Server
Atlassian Crowd
312
VMScore
CVE-2018-20240
The administrative linker functionality in Atlassian Fisheye and Crucible before version 4.7.0 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the href parameter.
Atlassian Fisheye
Atlassian Crucible
312
VMScore
CVE-2018-20241
The Edit upload resource for a review in Atlassian Fisheye and Crucible before version 4.7.0 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the wbuser parameter.
Atlassian Fisheye
Atlassian Crucible
409
VMScore
CVE-2018-13399
The Microsoft Windows Installer for Atlassian Fisheye and Crucible before version 4.6.1 allows local malicious users to escalate privileges because of weak permissions on the installation directory.
Atlassian Fisheye
Atlassian Crucible
383
VMScore
CVE-2018-13398
The administrative smart-commits resource in Atlassian Fisheye and Crucible before version 4.5.4 allows remote malicious users to modify smart-commit settings via a Cross-site request forgery (CSRF) vulnerability.
Atlassian Fisheye
Atlassian Crucible
383
VMScore
CVE-2018-13392
Several resources in Atlassian Fisheye and Crucible before version 4.6.0 allow remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in linked issue keys.
Atlassian Fisheye
Atlassian Crucible
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »