Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jira vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2018-13403
The two-dimensional filter statistics gadget in Atlassian Jira before version 7.6.10, from version 7.7.0 before version 7.12.4, and from version 7.13.0 before version 7.13.1 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vuln...
Atlassian Jira Server
Atlassian Jira
4.1
CVSSv3
CVE-2018-13404
The VerifyPopServerConnection resource in Atlassian Jira before version 7.6.10, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version...
Atlassian Jira Server
Atlassian Jira
7.5
CVSSv3
CVE-2019-8442
The CachingResourceDownloadRewriteRule class in Jira before version 7.13.4, and from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote malicious users to access files in the Jira webroot under the META-INF directory via a lax path acces...
Atlassian Jira
Atlassian Jira Server
4.3
CVSSv3
CVE-2019-11586
The AddResolution.jspa resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote malicious users to create new resolutions via a Cross-site request forgery (CSRF) vulnerability.
Atlassian Jira
Atlassian Jira Server
4.3
CVSSv3
CVE-2019-11588
The ViewSystemInfo class doGarbageCollection method in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote malicious users to trigger garbage collection via a Cross-site request forgery (CSRF) vulnerabilit...
Atlassian Jira Server
Atlassian Jira
5.9
CVSSv3
CVE-2017-18104
The Webhooks component of Atlassian Jira before version 7.6.7 and from version 7.7.0 before version 7.11.0 allows remote attackers who are able to observe or otherwise intercept webhook events to learn information about changes in issues that should not be sent because they are n...
Atlassian Jira Server
Atlassian Jira
5.3
CVSSv3
CVE-2019-3401
The ManageFilters.jspa resource in Jira before version 7.13.3 and from version 8.0.0 before version 8.1.1 allows remote malicious users to enumerate usernames via an incorrect authorisation check.
Atlassian Jira Server
Atlassian Jira
6.1
CVSSv3
CVE-2019-3402
The ConfigurePortalPages.jspa resource in Jira before version 7.13.3 and from version 8.0.0 before version 8.1.1 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the searchOwnerUserName parameter.
Atlassian Jira Server
Atlassian Jira
5.3
CVSSv3
CVE-2019-3403
The /rest/api/2/user/picker rest resource in Jira before version 7.13.3, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote malicious users to enumerate usernames via an incorrect authorisation check.
Atlassian Jira
Atlassian Jira Server
2 Github repositories
6.1
CVSSv3
CVE-2018-5230
The issue collector in Atlassian Jira before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0 before version 7.8.4 and from version 7.9.0 before version 7.9.2 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting...
Atlassian Jira
Atlassian Jira Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »