atlassian jira data center vulnerabilities and exploits

(subscribe to this query)

Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8.0.0 before version 8.5.4, and 8.6.0 before version 8.6.1 allows remote malicious users to make comments on a ticket to which they do not have commenting permissions via a broken access cont...

Atlassian Jira Atlassian Jira Data Center Atlassian Jira Data Center 8.6.0 Atlassian Jira Server Atlassian Jira Server 8.6.0 Atlassian Jira Software Data Center

Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to view the metadata of boards they should not have access to via an Insecure Direct Object References (IDOR) vulnerability. The affected versions are before version 8.5.10, and from version 8...

Atlassian Jira Atlassian Jira Data Center Atlassian Jira Data Center 8.13.3 Atlassian Jira Server Atlassian Jira Server 8.13.3 Atlassian Jira Software Data Center

Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to view titles of a private project via an Insecure Direct Object References (IDOR) vulnerability in the Administration Permission Helper. The affected versions are before version 7.13.6, from...

Atlassian Jira Atlassian Jira Data Center Atlassian Jira Data Center 8.10.0 Atlassian Jira Server Atlassian Jira Server 8.10.0 Atlassian Jira Software Data Center

Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote malicious users to download temporary files and enumerate project keys via an Information Disclosure vulnerability in the /rest/api/1.0/issues/{id}/ActionsAndOperations API endpoint. The affec...

Atlassian Data Center Atlassian Jira Atlassian Jira Data Center Atlassian Jira Server

The XML Export in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 prior to 8.13.6, and from version 8.14.0 prior to 8.17.0 allows remote malicious users to inject arbitrary HTML or JavaScript via a stored cross site scripting vulnerability.

Atlassian Data Center Atlassian Jira Atlassian Jira Data Center Atlassian Jira Server

The Jira importers plugin AttachTemporaryFile rest resource in Jira Server and Data Center before version 8.5.12, from version 8.6.0 prior to 8.13.4, and from version 8.14.0 prior to 8.15.1 allowed remote authenticated malicious users to obtain the full path of the Jira applicati...

Atlassian Data Center Atlassian Jira Atlassian Jira Data Center Atlassian Jira Server

REST API in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 prior to 8.13.6, and from version 8.14.0 prior to 8.16.1 allows remote malicious users to enumerate usernames via a Sensitive Data Exposure vulnerability in the `/rest/api/latest/user...

Atlassian Data Center Atlassian Jira Atlassian Jira Data Center Atlassian Jira Server

Affected versions of Atlassian Jira Server and Data Center allow remote attackers with administrator privileges to execute arbitrary code via a Remote Code Execution (RCE) vulnerability in the Email Templates feature. This issue bypasses the fix of https://jira.atlassian.com/brow...

Atlassian Data Center Atlassian Jira Atlassian Jira Data Center Atlassian Jira Server

Export HTML Report in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 prior to 8.13.6, and from version 8.14.0 prior to 8.16.1 allows remote malicious users to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability.

Atlassian Data Center Atlassian Jira Atlassian Jira Data Center Atlassian Jira Server

Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to redirect users to a malicious URL via a reverse tabnapping vulnerability in the Project Shortcuts feature. The affected versions are before version 8.5.15, from version 8.6.0 prior to 8.13....

Atlassian Data Center Atlassian Jira Atlassian Jira Data Center Atlassian Jira Server

1 2 3 4 5 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook