Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian fisheye vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2018-13398
The administrative smart-commits resource in Atlassian Fisheye and Crucible before version 4.5.4 allows remote malicious users to modify smart-commit settings via a Cross-site request forgery (CSRF) vulnerability.
Atlassian Crucible
Atlassian Fisheye
383
VMScore
CVE-2018-13392
Several resources in Atlassian Fisheye and Crucible before version 4.6.0 allow remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in linked issue keys.
Atlassian Fisheye
Atlassian Crucible
383
VMScore
CVE-2018-5228
The /browse/~raw resource in Atlassian Fisheye and Crucible before version 4.5.3 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the handling of response headers.
Atlassian Fisheye
Atlassian Crucible
383
VMScore
CVE-2017-18090
Various resources in Atlassian Fisheye before version 4.5.1 (the fixed version for 4.5.x) and before version 4.6.0 allow remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a commit author.
Atlassian Fisheye 4.5.0
383
VMScore
CVE-2017-14588
Various resources in Atlassian Fisheye and Crucible before version 4.4.2 allow remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the dialog parameter.
Atlassian Crucible
Atlassian Fisheye
383
VMScore
CVE-2011-4822
Multiple cross-site scripting (XSS) vulnerabilities in the user profile feature in Atlassian FishEye prior to 2.5.5 allow remote malicious users to inject arbitrary web script or HTML via (1) snippets in a user comment, which is not properly handled in a Confluence page, or (2) t...
Atlassian Fisheye 2.4.5
Atlassian Fisheye 2.4.4
Atlassian Fisheye 2.3.6
Atlassian Fisheye 2.3.5
Atlassian Fisheye 2.2.0
Atlassian Fisheye 2.1.4
Atlassian Fisheye 2.0.4
Atlassian Fisheye 2.0.3
Atlassian Fisheye 1.6.6
Atlassian Fisheye 1.6.5.a
Atlassian Fisheye 1.5.2
Atlassian Fisheye 1.5.1
Atlassian Fisheye 2.5.0
Atlassian Fisheye 2.4.6
Atlassian Fisheye 2.3.8
Atlassian Fisheye 2.3.7
Atlassian Fisheye 2.2.3
Atlassian Fisheye 2.2.1
Atlassian Fisheye 2.0.6
Atlassian Fisheye 2.0.5
Atlassian Fisheye 2.0
Atlassian Fisheye 1.5.4
356
VMScore
CVE-2021-43955
The /rest-service-fecru/server-v1 resource in Fisheye and Crucible before version 4.8.9 allowed authenticated remote malicious users to obtain information about installation directories via information disclosure vulnerability.
Atlassian Crucible
Atlassian Fisheye
356
VMScore
CVE-2021-43954
The DefaultRepositoryAdminService class in Fisheye and Crucible before version 4.8.9 allowed remote attackers, who have 'can add repository permission', to enumerate the existence of internal network and filesystem resources via a Server-Side Request Forgery (SSRF) vuln...
Atlassian Crucible
Atlassian Fisheye
356
VMScore
CVE-2020-14192
Affected versions of Atlassian Fisheye and Crucible allow remote malicious users to view a product's SEN via an Information Disclosure vulnerability in the x-asen response header from Atlassian Analytics. The affected versions are before version 4.8.4.
Atlassian Crucible
Atlassian Fisheye
356
VMScore
CVE-2017-18112
Affected versions of Atlassian Fisheye allow remote malicious users to view the HTTP password of a repository via an Information Disclosure vulnerability in the logging feature. The affected versions are before version 4.8.3.
Atlassian Fisheye
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »