Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian jira data center vulnerabilities and exploits
(subscribe to this query)
830
VMScore
CVE-2019-11581
There was a server-side template injection vulnerability in Jira Server and Data Center, in the ContactAdministrators and the SendBulkMail actions. An attacker is able to remotely execute code on systems that run a vulnerable version of Jira Server or Data Center. All versions of...
Atlassian Jira Server
Atlassian Jira
7 Github repositories
801
VMScore
CVE-2021-43947
Affected versions of Atlassian Jira Server and Data Center allow remote attackers with administrator privileges to execute arbitrary code via a Remote Code Execution (RCE) vulnerability in the Email Templates feature. This issue bypasses the fix of https://jira.atlassian.com/brow...
Atlassian Data Center
Atlassian Jira Data Center
Atlassian Jira
Atlassian Jira Server
801
VMScore
CVE-2021-39115
Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers with "Jira Administrators" access to execute arbitrary Java code or run arbitrary system commands via a Server_Side Template Injection vulnerability in the Email Templat...
Atlassian Jira Service Desk
Atlassian Jira Service Management
1 Github repository
801
VMScore
CVE-2019-15001
The Jira Importers Plugin in Atlassian Jira Server and Data Cente from version with 7.0.10 prior to 7.6.16, from 7.7.0 prior to 7.13.8, from 8.0.0 prior to 8.1.3, from 8.2.0 prior to 8.2.5, from 8.3.0 prior to 8.3.4 and from 8.4.0 prior to 8.4.1 allows remote attackers with Admin...
Atlassian Jira Server
Atlassian Jira Server 8.4.0
Atlassian Jira Data Center
Atlassian Jira Data Center 8.4.0
668
VMScore
CVE-2020-36239
Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 prior to 8.5.16, from 8.6.0 prior to 8.13.8, from 8.14.0 prior to 8.17.0 and Jira Service Management Data Center from version 2.0.2 prior to 4.5.16, from version 4.6.0 prior to 4.13.8, and from ...
Atlassian Jira Data Center
Atlassian Jira Service Desk
Atlassian Jira Service Management
1 Github repository
668
VMScore
CVE-2020-14172
This issue exists to document that a security improvement in the way that Jira Server and Data Center use velocity templates has been implemented. The way in which velocity templates were used in Atlassian Jira Server and Data Center in affected versions allowed remote malicious ...
Atlassian Jira
Atlassian Jira Software Data Center
668
VMScore
CVE-2019-20409
The way in which velocity templates were used in Atlassian Jira Server and Data Center prior to version 8.8.0 allowed remote malicious users to gain remote code execution if they were able to exploit a server side template injection vulnerability.
Atlassian Jira
Atlassian Jira Software Data Center
606
VMScore
CVE-2022-0540
A vulnerability in Jira Seraph allows a remote, unauthenticated malicious user to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions prior to 8.13.18, versions 8.14.0 and later prior to 8.20.6, and versio...
Atlassian Jira Service Management
Atlassian Jira Data Center
Atlassian Jira Server
2 Github repositories
605
VMScore
CVE-2017-18113
The DefaultOSWorkflowConfigurator class in Jira Server and Jira Data Center before version 8.18.1 allows remote attackers who can trick a system administrator to import their malicious workflow to execute arbitrary code via a Remote Code Execution (RCE) vulnerability. The vulnera...
Atlassian Data Center
Atlassian Jira
578
VMScore
CVE-2021-43944
This issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been implemented. Affected versions of Atlassian Jira Server and Data Center allowed remote attackers with system administrator permissions to execute arbitrary...
Atlassian Jira Server
Atlassian Jira Data Center
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »