Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian jira vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-26081
REST API in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 prior to 8.13.6, and from version 8.14.0 prior to 8.16.1 allows remote malicious users to enumerate usernames via a Sensitive Data Exposure vulnerability in the `/rest/api/latest/user...
Atlassian Data Center
Atlassian Jira Data Center
Atlassian Jira
Atlassian Jira Server
4.3
CVSSv2
CVE-2021-39111
The Editor plugin in Atlassian Jira Server and Data Center before version 8.5.18, from 8.6.0 prior to 8.13.10, and from version 8.14.0 prior to 8.18.2 allows remote malicious users to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the handli...
Atlassian Data Center
Atlassian Jira Data Center
Atlassian Jira
Atlassian Jira Server
5
CVSSv2
CVE-2021-39122
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote malicious users to view users' emails via an Information Disclosure vulnerability in the /rest/api/2/search endpoint. The affected versions are before version 8.5.13, from version 8.6.0 prior t...
Atlassian Data Center
Atlassian Jira Data Center
Atlassian Jira
Atlassian Jira Server
9
CVSSv2
CVE-2019-15001
The Jira Importers Plugin in Atlassian Jira Server and Data Cente from version with 7.0.10 prior to 7.6.16, from 7.7.0 prior to 7.13.8, from 8.0.0 prior to 8.1.3, from 8.2.0 prior to 8.2.5, from 8.3.0 prior to 8.3.4 and from 8.4.0 prior to 8.4.1 allows remote attackers with Admin...
Atlassian Jira Server
Atlassian Jira Server 8.4.0
Atlassian Jira Data Center
Atlassian Jira Data Center 8.4.0
5
CVSSv2
CVE-2021-41306
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote malicious users to view private project and filter names via an Insecure Direct Object References (IDOR) vulnerability in the Average Time in Status Gadget. The affected versions are before version ...
Atlassian Jira
Atlassian Jira Software Data Center
Atlassian Jira Server
5
CVSSv2
CVE-2021-41307
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote malicious users to view the names of private projects and private filters via an Insecure Direct Object References (IDOR) vulnerability in the Workload Pie Chart Gadget. The affected versions ...
Atlassian Jira
Atlassian Jira Server
Atlassian Jira Software Data Center
5
CVSSv2
CVE-2020-36235
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote malicious users to view custom field and custom SLA names via an Information Disclosure vulnerability in the mobile site view. The affected versions are before version 8.13.2, and from version...
Atlassian Jira
Atlassian Jira Server
Atlassian Jira Software Data Center
6.8
CVSSv2
CVE-2022-0540
A vulnerability in Jira Seraph allows a remote, unauthenticated malicious user to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions prior to 8.13.18, versions 8.14.0 and later prior to 8.20.6, and versio...
Atlassian Jira Service Management
Atlassian Jira Data Center
Atlassian Jira Server
1 Github repository
7.5
CVSSv2
CVE-2020-36239
Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 prior to 8.5.16, from 8.6.0 prior to 8.13.8, from 8.14.0 prior to 8.17.0 and Jira Service Management Data Center from version 2.0.2 prior to 4.5.16, from version 4.6.0 prior to 4.13.8, and from ...
Atlassian Jira Data Center
Atlassian Jira Service Desk
Atlassian Jira Service Management
1 Github repository
5
CVSSv2
CVE-2019-3399
The BrowseProjects.jspa resource in Jira before version 7.13.2, and from version 8.0.0 before version 8.0.2 allows remote malicious users to see information for archived projects through a missing authorisation check.
Atlassian Jira
Atlassian Jira Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »