Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

atlassian jira data center vulnerabilities and exploits

(subscribe to this query)
4.3
CVSSv3

CVE-2019-20106

Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8.0.0 before version 8.5.4, and 8.6.0 before version 8.6.1 allows remote malicious users to make comments on a ticket to which they do not have commenting permissions via a broken access cont...
Atlassian JiraAtlassian Jira Data CenterAtlassian Jira Data Center 8.6.0Atlassian Jira ServerAtlassian Jira Server 8.6.0Atlassian Jira Software Data Center
4.3
CVSSv3

CVE-2020-14174

Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to view titles of a private project via an Insecure Direct Object References (IDOR) vulnerability in the Administration Permission Helper. The affected versions are before version 7.13.6, from...
Atlassian JiraAtlassian Jira Data CenterAtlassian Jira Data Center 8.10.0Atlassian Jira ServerAtlassian Jira Server 8.10.0Atlassian Jira Software Data Center
4.3
CVSSv3

CVE-2020-36231

Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to view the metadata of boards they should not have access to via an Insecure Direct Object References (IDOR) vulnerability. The affected versions are before version 8.5.10, and from version 8...
Atlassian JiraAtlassian Jira Data CenterAtlassian Jira Data Center 8.13.3Atlassian Jira ServerAtlassian Jira Server 8.13.3Atlassian Jira Software Data Center
5.3
CVSSv3

CVE-2020-36286

The membersOf JQL search function in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous malicious users to determine if a group exists & members of groups if they a...
Atlassian Data CenterAtlassian JiraAtlassian Jira Data CenterAtlassian Jira Server
6.1
CVSSv3

CVE-2021-41304

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote malicious users to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the /secure/admin/ImporterFinishedPage.jspa error message. The affected versions are before v...
Atlassian Data CenterAtlassian JiraAtlassian Jira Data CenterAtlassian Jira Server
7.2
CVSSv3

CVE-2021-43947

Affected versions of Atlassian Jira Server and Data Center allow remote attackers with administrator privileges to execute arbitrary code via a Remote Code Execution (RCE) vulnerability in the Email Templates feature. This issue bypasses the fix of https://jira.atlassian.com/brow...
Atlassian Data CenterAtlassian JiraAtlassian Jira Data CenterAtlassian Jira Server
6.1
CVSSv3

CVE-2021-39111

The Editor plugin in Atlassian Jira Server and Data Center before version 8.5.18, from 8.6.0 prior to 8.13.10, and from version 8.14.0 prior to 8.18.2 allows remote malicious users to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the handli...
Atlassian Data CenterAtlassian JiraAtlassian Jira Data CenterAtlassian Jira Server
4.8
CVSSv3

CVE-2021-39112

Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to redirect users to a malicious URL via a reverse tabnapping vulnerability in the Project Shortcuts feature. The affected versions are before version 8.5.15, from version 8.6.0 prior to 8.13....
Atlassian Data CenterAtlassian JiraAtlassian Jira Data CenterAtlassian Jira Server
7.5
CVSSv3

CVE-2021-39113

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote malicious users to continue to view cached content even after losing permissions, via a Broken Access Control vulnerability in the allowlist feature. The affected versions are before version 8.13.9,...
Atlassian Data CenterAtlassian JiraAtlassian Jira Data CenterAtlassian Jira Server
5.3
CVSSv3

CVE-2021-39122

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote malicious users to view users' emails via an Information Disclosure vulnerability in the /rest/api/2/search endpoint. The affected versions are before version 8.5.13, from version 8.6.0 prior t...
Atlassian Data CenterAtlassian JiraAtlassian Jira Data CenterAtlassian Jira Server
Preferred Score:
CVSSv4
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
local file inclusiondcmtkCVE-2025-24813CVE-2023-52315directory listings wordpress plugin – ulistingCVE-2025-2348IDORCVE-2024-12336vamCVE-2025-24856wirelesswordpress form builder plugin for contact forms, surveys and quizzes – tripettoCVE-2024-55591
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook