Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian data center vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2019-20407
The ConfigureBambooRelease resource in Jira Software and Jira Software Data Center before version 8.6.1 allows authenticated remote malicious users to view release version information in projects that they do not have access to through an missing authorisation check.
Atlassian Jira Server
Atlassian Jira Data Center
9.8
CVSSv3
CVE-2019-20409
The way in which velocity templates were used in Atlassian Jira Server and Data Center prior to version 8.8.0 allowed remote malicious users to gain remote code execution if they were able to exploit a server side template injection vulnerability.
Atlassian Jira
Atlassian Jira Software Data Center
6.5
CVSSv3
CVE-2019-20418
Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to prevent users from accessing the instance via an Application Denial of Service vulnerability in the /rendering/wiki endpoint. The affected versions are before version 8.8.0.
Atlassian Jira
Atlassian Jira Software Data Center
4.8
CVSSv3
CVE-2019-20900
Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the Add Field module. The affected versions are before version 8.7.0.
Atlassian Jira Server
Atlassian Jira Data Center
4.3
CVSSv3
CVE-2021-41313
Affected versions of Atlassian Jira Server and Data Center allow authenticated but non-admin remote malicious users to edit email batch configurations via an Improper Authorization vulnerability in the /secure/admin/ConfigureBatching!default.jspa endpoint. The affected versions a...
Atlassian Jira Server
Atlassian Jira Data Center
4.3
CVSSv3
CVE-2021-43952
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote malicious users to restore the default configuration of fields via a Cross-Site Request Forgery (CSRF) vulnerability in the /secure/admin/RestoreDefaults.jspa endpoint. The affected versions a...
Atlassian Jira Server
Atlassian Jira Data Center
6.1
CVSSv3
CVE-2021-26080
EditworkflowScheme.jspa in Jira Server and Jira Data Center before version 8.5.14, and from version 8.6.0 before version 8.13.6, and from 8.14.0 prior to 8.16.1 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability.
Atlassian Jira Server
Atlassian Jira Data Center
5.3
CVSSv3
CVE-2021-26085
Affected versions of Atlassian Confluence Server allow remote malicious users to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 prior to 7.12.3.
Atlassian Confluence Server
Atlassian Confluence Data Center
4 Github repositories
8.8
CVSSv3
CVE-2024-21672
This High severity Remote Code Execution (RCE) vulnerability was introduced in version 2.1.0 of Confluence Data Center and Server. Remote Code Execution (RCE) vulnerability, with a CVSS Score of 8.3 and a CVSS Vector of CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H allows an unaut...
Atlassian Confluence Data Center
Atlassian Confluence Server
1 Github repository
8.8
CVSSv3
CVE-2024-21673
This High severity Remote Code Execution (RCE) vulnerability was introduced in versions 7.13.0 of Confluence Data Center and Server. Remote Code Execution (RCE) vulnerability, with a CVSS Score of 8.0 and a CVSS Vector of CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H allows an aut...
Atlassian Confluence Data Center
Atlassian Confluence Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »