Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-41305
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote malicious users to view the names of private projects and filters via an Insecure Direct Object References (IDOR) vulnerability in the Average Number of Times in Status Gadget. The affected versions...
Atlassian Jira
Atlassian Jira Software Data Center
5
CVSSv2
CVE-2021-41307
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote malicious users to view the names of private projects and private filters via an Insecure Direct Object References (IDOR) vulnerability in the Workload Pie Chart Gadget. The affected versions ...
Atlassian Jira
Atlassian Jira Server
Atlassian Jira Software Data Center
4.3
CVSSv2
CVE-2021-41304
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote malicious users to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the /secure/admin/ImporterFinishedPage.jspa error message. The affected versions are before v...
Atlassian Data Center
Atlassian Jira Data Center
Atlassian Jira
Atlassian Jira Server
1 Github repository
4.3
CVSSv2
CVE-2021-39126
Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to modify various resources via a Cross-Site Request Forgery (CSRF) vulnerability, following an Information Disclosure vulnerability in the referrer headers which discloses a user's CSRF ...
Atlassian Jira Data Center
Atlassian Jira Server
5
CVSSv2
CVE-2021-39127
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote malicious users to the query component JQL endpoint via a Broken Access Control vulnerability (BAC) vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0 prior to 8....
Atlassian Jira
Atlassian Jira Software Data Center
Atlassian Jira Server
Atlassian Jira Data Center
7.5
CVSSv2
CVE-2020-18683
Floodlight up to and including 1.2 has poor input validation in checkFlow in StaticFlowEntryPusherResource.java because of undefined fields mishandling.
Atlassian Floodlight
7.5
CVSSv2
CVE-2020-18685
Floodlight up to and including 1.2 has poor input validation in checkFlow in StaticFlowEntryPusherResource.java because of unchecked prerequisites related to TCP or UDP ports, or group or table IDs.
Atlassian Floodlight
7.5
CVSSv2
CVE-2020-18684
Floodlight up to and including 1.2 has an integer overflow in checkFlow in StaticFlowEntryPusherResource.java via priority or port number.
Atlassian Floodlight
6.5
CVSSv2
CVE-2021-39128
Affected versions of Atlassian Jira Server or Data Center using the Jira Service Management addon allow remote attackers with JIRA Administrators access to execute arbitrary Java code via a server-side template injection vulnerability in the Email Template feature. The affected v...
Atlassian Jira Server
Atlassian Jira Data Center
5
CVSSv2
CVE-2021-39125
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote malicious users to discover the usernames of users via an enumeration vulnerability in the password reset page. The affected versions are before version 8.5.10, and from version 8.6.0 prior to 8.13....
Atlassian Jira
Atlassian Data Center
Atlassian Jira Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »