Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jira vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2019-20411
Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to modify Wallboard settings via a Cross-site request forgery (CSRF) vulnerability. The affected versions are before version 7.13.9, and from version 8.0.0 prior to 8.4.2.
Atlassian Jira
Atlassian Jira Server
Atlassian Jira Data Center
4.7
CVSSv3
CVE-2019-20100
The Atlassian Application Links plugin is vulnerable to cross-site request forgery (CSRF). The following versions are affected: all versions before 5.4.21, from version 6.0.0 before version 6.0.12, from version 6.1.0 before version 6.1.2, from version 7.0.0 before version 7.0.2, ...
Atlassian Jira
Atlassian Jira Server
Atlassian Jira Data Center
7.2
CVSSv3
CVE-2019-15001
The Jira Importers Plugin in Atlassian Jira Server and Data Cente from version with 7.0.10 prior to 7.6.16, from 7.7.0 prior to 7.13.8, from 8.0.0 prior to 8.1.3, from 8.2.0 prior to 8.2.5, from 8.3.0 prior to 8.3.4 and from 8.4.0 prior to 8.4.1 allows remote attackers with Admin...
Atlassian Jira Server
Atlassian Jira Server 8.4.0
Atlassian Jira Data Center
Atlassian Jira Data Center 8.4.0
5.3
CVSSv3
CVE-2020-36235
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote malicious users to view custom field and custom SLA names via an Information Disclosure vulnerability in the mobile site view. The affected versions are before version 8.13.2, and from version...
Atlassian Jira
Atlassian Jira Server
Atlassian Jira Software Data Center
7.5
CVSSv3
CVE-2021-41306
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote malicious users to view private project and filter names via an Insecure Direct Object References (IDOR) vulnerability in the Average Time in Status Gadget. The affected versions are before version ...
Atlassian Jira
Atlassian Jira Software Data Center
Atlassian Jira Server
7.5
CVSSv3
CVE-2021-41307
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote malicious users to view the names of private projects and private filters via an Insecure Direct Object References (IDOR) vulnerability in the Workload Pie Chart Gadget. The affected versions ...
Atlassian Jira
Atlassian Jira Server
Atlassian Jira Software Data Center
9.8
CVSSv3
CVE-2022-0540
A vulnerability in Jira Seraph allows a remote, unauthenticated malicious user to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions prior to 8.13.18, versions 8.14.0 and later prior to 8.20.6, and versio...
Atlassian Jira Service Management
Atlassian Jira Data Center
Atlassian Jira Server
1 Github repository
6.1
CVSSv3
CVE-2021-41304
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote malicious users to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the /secure/admin/ImporterFinishedPage.jspa error message. The affected versions are before v...
Atlassian Data Center
Atlassian Jira Data Center
Atlassian Jira
Atlassian Jira Server
1 Github repository
5.3
CVSSv3
CVE-2020-36289
Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the QueryComponentRendererValue!Default.jspa endpoint. The affected versions are before version 8.5.13, from version 8.6.0 pr...
Atlassian Data Center
Atlassian Jira
Atlassian Jira Server
Atlassian Jira Data Center
4.8
CVSSv3
CVE-2021-39112
Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to redirect users to a malicious URL via a reverse tabnapping vulnerability in the Project Shortcuts feature. The affected versions are before version 8.5.15, from version 8.6.0 prior to 8.13....
Atlassian Data Center
Atlassian Jira Data Center
Atlassian Jira
Atlassian Jira Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »