Atlassian vulnerabilities and exploits
NA
CVE-2010-1164
Multiple cross-site scripting (XSS) vulnerabilities in Atlassian JIRA 3.12 up to and including 4.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) element or (2) defaultColor parameter to the Colour Picker page; the (3) formName parameter, (4) elem...
Atlassian Jira 3.13.1
Atlassian Jira 3.13.2
Atlassian Jira 3.12.3
Atlassian Jira 3.13
Atlassian Jira 4.0.2
Atlassian Jira 4.1
Atlassian Jira 3.12.1
Atlassian Jira 3.12.2
Atlassian Jira 4.0
Atlassian Jira 4.0.1
Atlassian Jira 3.12
Atlassian Jira 3.13.3
Atlassian Jira 3.13.4
Atlassian Jira 3.13.5
1 Github repository
9.8
CVSSv3
CVE-2022-26136
A vulnerability in multiple Atlassian products allows a remote, unauthenticated malicious user to bypass Servlet Filters used by first and third party apps. The impact depends on which filters are used by each app, and how the filters are used. This vulnerability can result in au...
Atlassian Confluence Data Center 7.18.0
Atlassian Confluence Data Center
Atlassian Confluence Server 7.18.0
Atlassian Confluence Server
Atlassian Bitbucket 8.0.0
Atlassian Bitbucket 8.1.0
Atlassian Crowd
Atlassian Crowd 5.0.0
Atlassian Crucible
Atlassian Fisheye
Atlassian Jira Data Center
Atlassian Jira Server
Atlassian Jira Service Management
Atlassian Bamboo
Atlassian Bitbucket
Atlassian Jira Service Desk
1 Article
8.8
CVSSv3
CVE-2022-26137
A vulnerability in multiple Atlassian products allows a remote, unauthenticated malicious user to cause additional Servlet Filters to be invoked when the application processes requests or responses. Atlassian has confirmed and fixed the only known security issue associated with t...
Atlassian Confluence Data Center 7.18.0
Atlassian Confluence Data Center
Atlassian Confluence Server 7.18.0
Atlassian Confluence Server
Atlassian Bitbucket 8.0.0
Atlassian Bitbucket 8.1.0
Atlassian Crowd
Atlassian Crowd 5.0.0
Atlassian Crucible
Atlassian Fisheye
Atlassian Jira Data Center
Atlassian Jira Server
Atlassian Jira Service Management
Atlassian Bamboo
Atlassian Bitbucket
Atlassian Jira Service Desk
1 Article
NA
CVE-2013-3925
Atlassian Crowd 2.5.x prior to 2.5.4, 2.6.x prior to 2.6.3, 2.3.8, and 2.4.9 allows remote malicious users to read arbitrary files and send HTTP requests to intranet servers via a request to (1) /services/2 or (2) services/latest with a DTD containing an XML external entity decla...
Atlassian Crowd 2.5.2
Atlassian Crowd 2.5.1
Atlassian Crowd 2.5.3
Atlassian Crowd 2.5.0
Atlassian Crowd 2.6.0
Atlassian Crowd 2.6.1
Atlassian Crowd 2.6.2
Atlassian Crowd 2.4.9
Atlassian Crowd 2.3.8
1 Article
5.4
CVSSv3
CVE-2018-20239
Application Links before version 5.0.11, from version 5.1.0 prior to 5.2.10, from version 5.3.0 prior to 5.3.6, from version 5.4.0 prior to 5.4.12, and from version 6.0.0 prior to 6.0.4 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scriptin...
Atlassian Application Links
Atlassian Fisheye
Atlassian Crucible
Atlassian Jira Server
Atlassian Jira Data Center
Atlassian Confluence Data Center
Atlassian Confluence Server
Atlassian Crowd
8.8
CVSSv3
CVE-2017-9514
Bamboo prior to 6.0.5, 6.1.x prior to 6.1.4, and 6.2.x prior to 6.2.1 had a REST endpoint that parsed a YAML file and did not sufficiently restrict which classes could be loaded. An attacker who can log in to Bamboo as a user is able to exploit this vulnerability to execute Java ...
Atlassian Bamboo 6.0.4
Atlassian Bamboo 6.2.0
Atlassian Bamboo 6.1.0
Atlassian Bamboo 6.1.1
Atlassian Bamboo 6.0.1
Atlassian Bamboo 6.0.3
Atlassian Bamboo 6.0.0
Atlassian Bamboo 6.0.2
6.5
CVSSv3
CVE-2017-18037
The git repository tag rest resource in Atlassian Bitbucket Server from version 3.7.0 prior to 4.14.11 (the fixed version for 4.14.x), from version 5.0.0 prior to 5.0.9 (the fixed version for 5.0.x), from version 5.1.0 prior to 5.1.8 (the fixed version for 5.1.x), from version 5....
Atlassian Bitbucket
Atlassian Bitbucket 5.5.2
Atlassian Bitbucket 5.5.3
Atlassian Bitbucket 5.5.4
Atlassian Bitbucket 5.5.5
Atlassian Bitbucket 5.5.0
Atlassian Bitbucket 5.5.6
NA
CVE-2013-5319
Cross-site scripting (XSS) vulnerability in secure/admin/user/views/deleteuserconfirm.jsp in the Admin Panel in Atlassian JIRA prior to 6.0.5 allows remote malicious users to inject arbitrary web script or HTML via the name parameter to secure/admin/user/DeleteUser!default.jspa.
Atlassian Jira 6.0.2
Atlassian Jira
Atlassian Jira 6.0
Atlassian Jira 6.0.1
Atlassian Jira 6.0.3
NA
CVE-2014-2313
Directory traversal vulnerability in the Importers plugin in Atlassian JIRA prior to 6.0.5 allows remote malicious users to create arbitrary files via unspecified vectors.
Atlassian Jira
Atlassian Jira 6.0.3
Atlassian Jira 6.0.1
Atlassian Jira 6.0.2
Atlassian Jira 6.0
4.8
CVSSv3
CVE-2017-18094
Various resources in Atlassian Fisheye and Crucible before version 4.4.3 (the fixed version for 4.4.x) and 4.5.0 allow remote attackers with administrative privileges to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the base path setti...
Atlassian Fisheye 4.5.0
Atlassian Fisheye
Atlassian Crucible 4.5.0
Atlassian Crucible