Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jira vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-13402
Many resources in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from version 7.1...
Atlassian Jira Server
Atlassian Jira
5.4
CVSSv3
CVE-2018-13403
The two-dimensional filter statistics gadget in Atlassian Jira before version 7.6.10, from version 7.7.0 before version 7.12.4, and from version 7.13.0 before version 7.13.1 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vuln...
Atlassian Jira Server
Atlassian Jira
6.1
CVSSv3
CVE-2018-5230
The issue collector in Atlassian Jira before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0 before version 7.8.4 and from version 7.9.0 before version 7.9.2 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting...
Atlassian Jira
Atlassian Jira Server
7.5
CVSSv3
CVE-2018-5231
The ForgotLoginDetails resource in Atlassian Jira before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0 before version 7.8.4 and from version 7.9.0 before version 7.9.2 allows remote malicious users to perform a denial of service attack via sending req...
Atlassian Jira Server
Atlassian Jira
6.1
CVSSv3
CVE-2018-5232
The EditIssue.jspa resource in Atlassian Jira before version 7.6.7 and from version 7.7.0 before version 7.10.1 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the issuetype parameter.
Atlassian Jira
Atlassian Jira Server
5.9
CVSSv3
CVE-2017-18104
The Webhooks component of Atlassian Jira before version 7.6.7 and from version 7.7.0 before version 7.11.0 allows remote attackers who are able to observe or otherwise intercept webhook events to learn information about changes in issues that should not be sent because they are n...
Atlassian Jira Server
Atlassian Jira
6.1
CVSSv3
CVE-2017-14594
The printable searchrequest issue resource in Atlassian Jira before version 7.2.12 and from version 7.3.0 prior to 7.6.1 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the jqlQuery query parameter.
Atlassian Jira Server
Atlassian Jira
6.5
CVSSv3
CVE-2017-18101
Various administrative external system import resources in Atlassian JIRA Server (including JIRA Core) before version 7.6.5, from version 7.7.0 before version 7.7.3, from version 7.8.0 before version 7.8.3 and before version 7.9.0 allow remote malicious users to run import operat...
Atlassian Jira Server
Atlassian Jira
3.1
CVSSv3
CVE-2015-8481
Atlassian JIRA Software 7.0.3, JIRA Core 7.0.3, and the bundled JIRA Service Desk 3.0.3 installer attaches the wrong image to e-mail notifications when a user views an issue with inline wiki markup referencing an image attachment, which might allow remote malicious users to obtai...
Atlassian Jira Core 7.0.3
Atlassian Jira Server 7.0.3
Atlassian Jira Service Desk 3.0.3
6.1
CVSSv3
CVE-2019-20901
The login.jsp resource in Jira before version 8.5.2, and from version 8.6.0 before version 8.6.1 allows remote malicious users to redirect users to a different website which they may use as part of performing a phishing attack via an open redirect in the os_destination parameter.
Atlassian Jira
Atlassian Jira Server 8.6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »