Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian jira vulnerabilities and exploits
(subscribe to this query)
830
VMScore
CVE-2019-11581
There was a server-side template injection vulnerability in Jira Server and Data Center, in the ContactAdministrators and the SendBulkMail actions. An attacker is able to remotely execute code on systems that run a vulnerable version of Jira Server or Data Center. All versions of...
Atlassian Jira Server
Atlassian Jira
7 Github repositories
449
VMScore
CVE-2019-8442
The CachingResourceDownloadRewriteRule class in Jira before version 7.13.4, and from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote malicious users to access files in the Jira webroot under the META-INF directory via a lax path acces...
Atlassian Jira
Atlassian Jira Server
383
VMScore
CVE-2017-14594
The printable searchrequest issue resource in Atlassian Jira before version 7.2.12 and from version 7.3.0 prior to 7.6.1 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the jqlQuery query parameter.
Atlassian Jira Server
Atlassian Jira
445
VMScore
CVE-2020-14185
Affected versions of Jira Server allow remote unauthenticated malicious users to enumerate issue keys via a missing permissions check in the ActionsAndOperations resource. The affected versions are prior to 7.13.18, from version 8.0.0 prior to 8.5.9, and from version 8.6.0 before...
Atlassian Jira
Atlassian Jira Server
445
VMScore
CVE-2018-5231
The ForgotLoginDetails resource in Atlassian Jira before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0 before version 7.8.4 and from version 7.9.0 before version 7.9.2 allows remote malicious users to perform a denial of service attack via sending req...
Atlassian Jira Server
Atlassian Jira
570
VMScore
CVE-2017-18101
Various administrative external system import resources in Atlassian JIRA Server (including JIRA Core) before version 7.6.5, from version 7.7.0 before version 7.7.3, from version 7.8.0 before version 7.8.3 and before version 7.9.0 allow remote malicious users to run import operat...
Atlassian Jira Server
Atlassian Jira
605
VMScore
CVE-2019-8443
The ViewUpgrades resource in Jira before version 7.13.4, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers who have obtained access to administrator's session to access the ViewUpgrades administrative resource withou...
Atlassian Jira Server
Atlassian Jira
383
VMScore
CVE-2017-18104
The Webhooks component of Atlassian Jira before version 7.6.7 and from version 7.7.0 before version 7.11.0 allows remote attackers who are able to observe or otherwise intercept webhook events to learn information about changes in issues that should not be sent because they are n...
Atlassian Jira Server
Atlassian Jira
383
VMScore
CVE-2019-11586
The AddResolution.jspa resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote malicious users to create new resolutions via a Cross-site request forgery (CSRF) vulnerability.
Atlassian Jira
Atlassian Jira Server
383
VMScore
CVE-2019-11587
Various exposed resources of the ViewLogging class in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allow remote malicious users to modify various settings via Cross-site request forgery (CSRF).
Atlassian Jira Server
Atlassian Jira
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »