Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian jira data center vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2021-39128
Affected versions of Atlassian Jira Server or Data Center using the Jira Service Management addon allow remote attackers with JIRA Administrators access to execute arbitrary Java code via a server-side template injection vulnerability in the Email Template feature. The affected v...
Atlassian Jira Server
Atlassian Jira Data Center
5
CVSSv2
CVE-2021-26086
Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to read particular files via a path traversal vulnerability in the /WEB-INF/web.xml endpoint. The affected versions are before version 8.5.14, from version 8.6.0 prior to 8.13.6, and from vers...
Atlassian Jira Data Center
Atlassian Jira Server
1 Github repository
NA
CVE-2022-36799
This issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been implemented. Affected versions of Atlassian Jira Server and Data Center allowed remote attackers with system administrator permissions to execute arbitrary...
Atlassian Jira Data Center
Atlassian Jira Server
NA
CVE-2022-36801
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote malicious users to inject arbitrary HTML or JavaScript via a Reflected Cross-Site Scripting (RXSS) vulnerability in the TeamManagement.jspa endpoint. The affected versions are before version 8.20.8.
Atlassian Jira Data Center
Atlassian Jira Server
5
CVSSv2
CVE-2019-20898
Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to access sensitive information without being authenticated in the Global permissions screen. The affected versions are before version 8.8.0.
Atlassian Jira
Atlassian Jira Software Data Center
3.5
CVSSv2
CVE-2019-20900
Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the Add Field module. The affected versions are before version 8.7.0.
Atlassian Jira Server
Atlassian Jira Data Center
4
CVSSv2
CVE-2019-20402
Support zip files in Atlassian Jira Server and Data Center before version 8.6.0 could be downloaded by a System Administrator user without requiring the user to re-enter their password via an improper authorization vulnerability.
Atlassian Jira
Atlassian Jira Software Data Center
5
CVSSv2
CVE-2019-20403
The API in Atlassian Jira Server and Data Center before version 8.6.0 allows remote malicious users to determine if a Jira project key exists or not via an information disclosure vulnerability.
Atlassian Jira Server
Atlassian Jira Data Center
4
CVSSv2
CVE-2019-20404
The API in Atlassian Jira Server and Data Center before version 8.6.0 allows authenticated remote malicious users to determine project titles they do not have access to via an improper authorization vulnerability.
Atlassian Jira Server
Atlassian Jira Data Center
4.3
CVSSv2
CVE-2019-20405
The JMX monitoring flag in Atlassian Jira Server and Data Center before version 8.6.0 allows remote malicious users to turn the JMX monitoring flag off or on via a Cross-site request forgery (CSRF) vulnerability.
Atlassian Jira Server
Atlassian Jira Data Center
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »