Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian jira data center vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2019-20900
Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the Add Field module. The affected versions are before version 8.7.0.
Atlassian Jira Server
Atlassian Jira Data Center
4.3
CVSSv3
CVE-2021-41313
Affected versions of Atlassian Jira Server and Data Center allow authenticated but non-admin remote malicious users to edit email batch configurations via an Improper Authorization vulnerability in the /secure/admin/ConfigureBatching!default.jspa endpoint. The affected versions a...
Atlassian Jira Server
Atlassian Jira Data Center
6.5
CVSSv3
CVE-2021-39126
Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to modify various resources via a Cross-Site Request Forgery (CSRF) vulnerability, following an Information Disclosure vulnerability in the referrer headers which discloses a user's CSRF ...
Atlassian Jira Data Center
Atlassian Jira Server
7.2
CVSSv3
CVE-2021-39128
Affected versions of Atlassian Jira Server or Data Center using the Jira Service Management addon allow remote attackers with JIRA Administrators access to execute arbitrary Java code via a server-side template injection vulnerability in the Email Template feature. The affected v...
Atlassian Jira Server
Atlassian Jira Data Center
4.9
CVSSv3
CVE-2019-20402
Support zip files in Atlassian Jira Server and Data Center before version 8.6.0 could be downloaded by a System Administrator user without requiring the user to re-enter their password via an improper authorization vulnerability.
Atlassian Jira
Atlassian Jira Software Data Center
5.3
CVSSv3
CVE-2019-20403
The API in Atlassian Jira Server and Data Center before version 8.6.0 allows remote malicious users to determine if a Jira project key exists or not via an information disclosure vulnerability.
Atlassian Jira Server
Atlassian Jira Data Center
4.3
CVSSv3
CVE-2019-20405
The JMX monitoring flag in Atlassian Jira Server and Data Center before version 8.6.0 allows remote malicious users to turn the JMX monitoring flag off or on via a Cross-site request forgery (CSRF) vulnerability.
Atlassian Jira Server
Atlassian Jira Data Center
7.8
CVSSv3
CVE-2019-20419
Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to execute arbitrary code via a DLL hijacking vulnerability in Tomcat. The affected versions are before version 8.5.5, and from version 8.6.0 prior to 8.7.2.
Atlassian Jira Server
Atlassian Jira Data Center
4.8
CVSSv3
CVE-2019-20416
Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the project configuration feature. The affected versions are before version 8.3.0.
Atlassian Jira
Atlassian Jira Software Data Center
6.5
CVSSv3
CVE-2019-20418
Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to prevent users from accessing the instance via an Application Denial of Service vulnerability in the /rendering/wiki endpoint. The affected versions are before version 8.8.0.
Atlassian Jira
Atlassian Jira Software Data Center
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »