Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian jira server vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2019-20414
Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in Issue Navigator Basic Search. The affected versions are before version 7.13.9, and from version 8.0.0 p...
Atlassian Jira
Atlassian Jira Server
Atlassian Jira Software Data Center
Atlassian Jira Data Center
4.3
CVSSv3
CVE-2019-20415
Atlassian Jira Server and Data Center in affected versions allows remote malicious users to modify logging and profiling settings via a cross-site request forgery (CSRF) vulnerability. The affected versions are before version 7.13.3, and from version 8.0.0 prior to 8.1.0.
Atlassian Jira
Atlassian Jira Server
Atlassian Jira Software Data Center
Atlassian Jira Data Center
7.5
CVSSv3
CVE-2020-14167
The MessageBundleResource resource in Jira Server and Data Center before version 7.13.4, from 8.5.0 prior to 8.5.5, from 8.8.0 prior to 8.8.2, and from 8.9.0 prior to 8.9.1 allows remote malicious users to impact the application's availability via an Denial of Service (DoS) ...
Atlassian Jira
Atlassian Jira Server
Atlassian Jira Software Data Center
Atlassian Jira Data Center
5.4
CVSSv3
CVE-2020-14173
The file upload feature in Atlassian Jira Server and Data Center in affected versions allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability. The affected versions are before version 8.5.4, from version 8.6.0 prior to 8...
Atlassian Jira
Atlassian Jira Server
Atlassian Jira Software Data Center
Atlassian Jira Data Center
4.3
CVSSv3
CVE-2020-4029
The /rest/project-templates/1.0/createshared resource in Atlassian Jira Server and Data Center before version 8.5.5, from 8.6.0 prior to 8.7.2, and from 8.8.0 prior to 8.8.1 allows remote malicious users to enumerate project names via an improper authorization vulnerability.
Atlassian Jira
Atlassian Jira Server
Atlassian Jira Software Data Center
Atlassian Jira Data Center
4.8
CVSSv3
CVE-2020-4025
The attachment download resource in Atlassian Jira Server and Data Center The attachment download resource in Atlassian Jira Server and Data Center prior to 8.5.5, and from 8.6.0 prior to 8.8.2, and from 8.9.0 prior to 8.9.1 allows remote malicious users to inject arbitrary HTML ...
Atlassian Jira
Atlassian Jira Server
Atlassian Jira Software Data Center
Atlassian Jira Data Center
5.3
CVSSv3
CVE-2021-26069
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote malicious users to download temporary files and enumerate project keys via an Information Disclosure vulnerability in the /rest/api/1.0/issues/{id}/ActionsAndOperations API endpoint. The affec...
Atlassian Data Center
Atlassian Jira Data Center
Atlassian Jira
Atlassian Jira Server
4.3
CVSSv3
CVE-2021-26075
The Jira importers plugin AttachTemporaryFile rest resource in Jira Server and Data Center before version 8.5.12, from version 8.6.0 prior to 8.13.4, and from version 8.14.0 prior to 8.15.1 allowed remote authenticated malicious users to obtain the full path of the Jira applicati...
Atlassian Data Center
Atlassian Jira Data Center
Atlassian Jira
Atlassian Jira Server
3.7
CVSSv3
CVE-2021-26076
The jira.editor.user.mode cookie set by the Jira Editor Plugin in Jira Server and Data Center before version 8.5.12, from version 8.6.0 before version 8.13.4, and from version 8.14.0 before version 8.15.0 allows remote anonymous attackers who can perform an attacker in the middle...
Atlassian Data Center
Atlassian Jira Data Center
Atlassian Jira
Atlassian Jira Server
3.5
CVSSv3
CVE-2021-26071
The SetFeatureEnabled.jspa resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous malicious users to enable and disable Jira Software configuration via a cross-...
Atlassian Data Center
Atlassian Jira Data Center
Atlassian Jira
Atlassian Jira Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »