Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

atlassian jira server vulnerabilities and exploits

(subscribe to this query)
0.003
EPSS

CVE-2020-14184

Affected versions of Atlassian Jira Server allow remote malicious users to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in Jira issue filter export files. The affected versions are prior to 8.5.9, from version 8.6.0 prior to 8.12.3, and from ...
Atlassian JiraAtlassian Jira ServerAtlassian Jira Server 8.13.0
0.006
EPSS

CVE-2020-14174

Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to view titles of a private project via an Insecure Direct Object References (IDOR) vulnerability in the Administration Permission Helper. The affected versions are before version 7.13.6, from...
Atlassian JiraAtlassian Jira Data CenterAtlassian Jira Data Center 8.10.0Atlassian Jira ServerAtlassian Jira Server 8.10.0Atlassian Jira Software Data Center
0.006
EPSS

CVE-2020-36231

Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to view the metadata of boards they should not have access to via an Insecure Direct Object References (IDOR) vulnerability. The affected versions are before version 8.5.10, and from version 8...
Atlassian JiraAtlassian Jira Data CenterAtlassian Jira Data Center 8.13.3Atlassian Jira ServerAtlassian Jira Server 8.13.3Atlassian Jira Software Data Center
0.009
EPSS

CVE-2019-20106

Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8.0.0 before version 8.5.4, and 8.6.0 before version 8.6.1 allows remote malicious users to make comments on a ticket to which they do not have commenting permissions via a broken access cont...
Atlassian JiraAtlassian Jira Data CenterAtlassian Jira Data Center 8.6.0Atlassian Jira ServerAtlassian Jira Server 8.6.0Atlassian Jira Software Data Center
0.244
EPSS

CVE-2019-15001

The Jira Importers Plugin in Atlassian Jira Server and Data Cente from version with 7.0.10 prior to 7.6.16, from 7.7.0 prior to 7.13.8, from 8.0.0 prior to 8.1.3, from 8.2.0 prior to 8.2.5, from 8.3.0 prior to 8.3.4 and from 8.4.0 prior to 8.4.1 allows remote attackers with Admin...
Atlassian Jira ServerAtlassian Jira Server 8.4.0Atlassian Jira Data CenterAtlassian Jira Data Center 8.4.0
0.006
EPSS

CVE-2019-20411

Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to modify Wallboard settings via a Cross-site request forgery (CSRF) vulnerability. The affected versions are before version 7.13.9, and from version 8.0.0 prior to 8.4.2.
Atlassian JiraAtlassian Jira Data CenterAtlassian Jira Server
0.006
EPSS

CVE-2019-20100

The Atlassian Application Links plugin is vulnerable to cross-site request forgery (CSRF). The following versions are affected: all versions before 5.4.21, from version 6.0.0 before version 6.0.12, from version 6.1.0 before version 6.1.2, from version 7.0.0 before version 7.0.2, ...
Atlassian JiraAtlassian Jira Data CenterAtlassian Jira Server
0.024
EPSS

CVE-2019-20413

Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to impact the application's availability via a Denial of Service (DoS) vulnerability on the UserPickerBrowser.jspa page. The affected versions are before version 7.13.9, and from version ...
Atlassian JiraAtlassian Jira Data CenterAtlassian Jira ServerAtlassian Jira Software Data Center
0.009
EPSS

CVE-2020-14168

The email client in Jira Server and Data Center before version 7.13.16, from 8.5.0 prior to 8.5.7, from 8.8.0 prior to 8.8.2, and from 8.9.0 prior to 8.9.1 allows remote malicious users to access outgoing emails between a Jira instance and the SMTP server via man-in-the-middle (M...
Atlassian JiraAtlassian Jira Data CenterAtlassian Jira ServerAtlassian Jira Software Data Center
0.001
EPSS

CVE-2021-41308

Affected versions of Atlassian Jira Server and Data Center allow authenticated yet non-administrator remote malicious users to edit the File Replication settings via a Broken Access Control vulnerability in the `ReplicationSettings!default.jspa` endpoint. The affected versions ar...
Atlassian JiraAtlassian Jira Data CenterAtlassian Jira ServerAtlassian Jira Software Data Center
Preferred Score:
EPSS
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
physicalpicture galleryCVE-2025-30352administrator privilegesgdpr toolsCVE-2025-26007CVE-2025-24514CVE-2025-26581CVE-2025-1098wp multistore locatorCVE-2025-26986nous ouvert utile et simplecommand injection
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook