Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

atlassian jira data center 8.6.0 vulnerabilities and exploits

(subscribe to this query)
4.3
CVSSv3

CVE-2019-20106

Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8.0.0 before version 8.5.4, and 8.6.0 before version 8.6.1 allows remote malicious users to make comments on a ticket to which they do not have commenting permissions via a broken access cont...
Atlassian JiraAtlassian Jira Data CenterAtlassian Jira Data Center 8.6.0Atlassian Jira ServerAtlassian Jira Server 8.6.0Atlassian Jira Software Data Center
4.3
CVSSv3

CVE-2020-36231

Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to view the metadata of boards they should not have access to via an Insecure Direct Object References (IDOR) vulnerability. The affected versions are before version 8.5.10, and from version 8...
Atlassian JiraAtlassian Jira Data CenterAtlassian Jira Data Center 8.13.3Atlassian Jira ServerAtlassian Jira Server 8.13.3Atlassian Jira Software Data Center
4.3
CVSSv3

CVE-2020-14174

Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to view titles of a private project via an Insecure Direct Object References (IDOR) vulnerability in the Administration Permission Helper. The affected versions are before version 7.13.6, from...
Atlassian JiraAtlassian Jira Data CenterAtlassian Jira Data Center 8.10.0Atlassian Jira ServerAtlassian Jira Server 8.10.0Atlassian Jira Software Data Center
5.4
CVSSv3

CVE-2021-26082

The XML Export in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 prior to 8.13.6, and from version 8.14.0 prior to 8.17.0 allows remote malicious users to inject arbitrary HTML or JavaScript via a stored cross site scripting vulnerability.
Atlassian Data CenterAtlassian JiraAtlassian Jira Data CenterAtlassian Jira Server
5.4
CVSSv3

CVE-2021-26083

Export HTML Report in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 prior to 8.13.6, and from version 8.14.0 prior to 8.16.1 allows remote malicious users to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability.
Atlassian Data CenterAtlassian JiraAtlassian Jira Data CenterAtlassian Jira Server
6.1
CVSSv3

CVE-2021-26079

The CardLayoutConfigTable component in Jira Server and Jira Data Center before version 8.5.15, and from version 8.6.0 before version 8.13.7, and from version 8.14.0 prior to 8.17.0 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XS...
Atlassian Data CenterAtlassian JiraAtlassian Jira Data CenterAtlassian Jira Server
5.3
CVSSv3

CVE-2021-26081

REST API in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 prior to 8.13.6, and from version 8.14.0 prior to 8.16.1 allows remote malicious users to enumerate usernames via a Sensitive Data Exposure vulnerability in the `/rest/api/latest/user...
Atlassian Data CenterAtlassian JiraAtlassian Jira Data CenterAtlassian Jira Server
5.3
CVSSv3

CVE-2021-39122

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote malicious users to view users' emails via an Information Disclosure vulnerability in the /rest/api/2/search endpoint. The affected versions are before version 8.5.13, from version 8.6.0 prior t...
Atlassian Data CenterAtlassian JiraAtlassian Jira Data CenterAtlassian Jira Server
5.3
CVSSv3

CVE-2020-36238

The /rest/api/1.0/render resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous malicious users to determine if a username is valid or not via a missing permiss...
Atlassian Data CenterAtlassian JiraAtlassian Jira Data CenterAtlassian Jira Server
5.3
CVSSv3

CVE-2020-36289

Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the QueryComponentRendererValue!Default.jspa endpoint. The affected versions are before version 8.5.13, from version 8.6.0 pr...
Atlassian Data CenterAtlassian JiraAtlassian Jira Data CenterAtlassian Jira Server
Preferred Score:
CVSSv4
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
privilegeCVE-2025-43967XSSadeptlanguageCVE-2024-42699CVE-2025-1732pritunlpritunl-clientCVE-2025-31201men salon management systemlocalCVE-2025-24071CVE-2025-43973
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook