Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian jira 8.0.0 vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2019-8445
Several worklog rest resources in Jira before version 7.13.7, and from version 8.0.0 before version 8.3.2 allow remote malicious users to view worklog time information via a missing permissions check.
Atlassian Jira Server
5.4
CVSSv3
CVE-2017-18102
The wiki markup component of atlassian-renderer from version 8.0.0 before version 8.0.22 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in nested wiki markup.
Atlassian Jira Server
5.4
CVSSv3
CVE-2019-8444
The wikirenderer component in Jira before version 7.13.6, and from version 8.0.0 before version 8.3.2 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in image attribute specification.
Atlassian Jira Server
6.1
CVSSv3
CVE-2019-14996
The FilterPickerPopup.jspa resource in Jira before version 7.13.7, and from version 8.0.0 before version 8.3.3 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the searchOwnerUserName parameter.
Atlassian Jira Server
6.1
CVSSv3
CVE-2019-3400
The labels gadget in Jira before version 7.13.2, and from version 8.0.0 before version 8.0.2 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the jql parameter.
Atlassian Jira Server
6.1
CVSSv3
CVE-2019-11589
The ChangeSharedFilterOwner resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote malicious users to attack users, in some cases be able to obtain a user's Cross-site request forgery (CSRF) ...
Atlassian Jira Server
4.8
CVSSv3
CVE-2019-8450
Various templates of the Optimization plugin in Jira before version 7.13.6, and from version 8.0.0 before version 8.4.0 allow remote attackers who have permission to manage custom fields to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the ...
Atlassian Jira Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4