Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian crucible vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-4023
The review coverage resource in Atlassian Fisheye and Crucible before version 4.8.2 allows remote malicious users to inject arbitrary HTML or Javascript via a cross site scripting (XSS) vulnerability through the committerFilter parameter.
Atlassian Crucible
Atlassian Fisheye
9.8
CVSSv3
CVE-2017-16861
It was possible for double OGNL evaluation in certain redirect action and in WebWork URL and Anchor tags in JSP files to occur. An attacker who can access the web interface of Fisheye or Crucible or who hosts a website that a user who can access the web interface of Fisheye or Cr...
Atlassian Fisheye
Atlassian Crucible
5.3
CVSSv3
CVE-2017-18095
The SnippetRPCServiceImpl class in Atlassian Crucible before version 4.5.1 (the fixed version 4.5.x) and prior to 4.6.0 allows remote malicious users to comment on snippets they do not have authorization to access via an improper authorization vulnerability.
Atlassian Crucible
5.4
CVSSv3
CVE-2017-18092
The print snippet resource in Atlassian Crucible before version 4.4.3 (the fixed version for 4.4.x) and prior to 4.5.0 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the contents of a comment on the snip...
Atlassian Crucible
4.3
CVSSv3
CVE-2020-29447
Affected versions of Atlassian Crucible allow remote malicious users to impact the application's availability via a Denial of Service (DoS) vulnerability in the file upload request feature of code reviews. The affected versions are before version 4.7.4, and from version 4.8....
Atlassian Crucible
5.4
CVSSv3
CVE-2017-18089
The view review history resource in Atlassian Crucible before version 4.4.3 (the fixed version for 4.4.x) and 4.5.0 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the invited reviewers for a review.
Atlassian Crucible
9.1
CVSSv3
CVE-2012-2926
Atlassian JIRA prior to 5.0.1; Confluence prior to 3.5.16, 4.0 prior to 4.0.7, and 4.1 prior to 4.1.10; FishEye and Crucible prior to 2.5.8, 2.6 prior to 2.6.8, and 2.7 prior to 2.7.12; Bamboo prior to 3.3.4 and 3.4.x prior to 3.4.5; and Crowd prior to 2.0.9, 2.1 prior to 2.1.2, ...
Atlassian Bamboo
Atlassian Confluence
Atlassian Confluence Server
Atlassian Crowd
Atlassian Crucible
Atlassian Fisheye
Atlassian Jira
1 EDB exploit
4.3
CVSSv3
CVE-2019-15005
The Atlassian Troubleshooting and Support Tools plugin prior to version 1.17.2 allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to a missing authorization check. The email message may contain configuration infor...
Atlassian Troubleshooting And Support
Atlassian Bamboo
Atlassian Bitbucket
Atlassian Confluence
Atlassian Crowd
Atlassian Crucible
Atlassian Fisheye
Atlassian Jira
5.4
CVSSv3
CVE-2018-20239
Application Links before version 5.0.11, from version 5.1.0 prior to 5.2.10, from version 5.3.0 prior to 5.3.6, from version 5.4.0 prior to 5.4.12, and from version 6.0.0 prior to 6.0.4 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scriptin...
Atlassian Application Links
Atlassian Fisheye
Atlassian Crucible
Atlassian Jira Server
Atlassian Jira Data Center
Atlassian Confluence Data Center
Atlassian Confluence Server
Atlassian Crowd
9.8
CVSSv3
CVE-2022-26136
A vulnerability in multiple Atlassian products allows a remote, unauthenticated malicious user to bypass Servlet Filters used by first and third party apps. The impact depends on which filters are used by each app, and how the filters are used. This vulnerability can result in au...
Atlassian Confluence Data Center 7.18.0
Atlassian Confluence Data Center
Atlassian Confluence Server 7.18.0
Atlassian Confluence Server
Atlassian Bitbucket 8.0.0
Atlassian Bitbucket 8.1.0
Atlassian Crowd
Atlassian Crowd 5.0.0
Atlassian Crucible
Atlassian Fisheye
Atlassian Jira Data Center
Atlassian Jira Server
Atlassian Jira Service Management
Atlassian Bamboo
Atlassian Bitbucket
Atlassian Jira Service Desk
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »