Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jira vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2020-36287
The dashboard gadgets preference resource of the Atlassian gadgets plugin used in Jira Server and Jira Data Center before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous malicious users to obtain gadget related settings via a missing permissi...
Atlassian Data Center
Atlassian Jira
Atlassian Jira Data Center
Atlassian Jira Server
1 Github repository
6.1
CVSSv3
CVE-2020-36288
The issue navigation and search view in Jira Server and Data Center before version 8.5.12, from version 8.6.0 before version 8.13.4, and from version 8.14.0 before version 8.15.1 allows remote malicious users to inject arbitrary HTML or JavaScript via a DOM Cross-Site Scripting (...
Atlassian Data Center
Atlassian Jira
Atlassian Jira Data Center
Atlassian Jira Server
4.8
CVSSv3
CVE-2020-36234
Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the Screens Modal view. The affected versions are before version 8.5.11, from version 8.6.0 prior to 8....
Atlassian Data Center
Atlassian Jira
Atlassian Jira Data Center
Atlassian Jira Server
5.3
CVSSv3
CVE-2020-36238
The /rest/api/1.0/render resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous malicious users to determine if a username is valid or not via a missing permiss...
Atlassian Data Center
Atlassian Jira
Atlassian Jira Data Center
Atlassian Jira Server
9.8
CVSSv3
CVE-2020-36239
Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 prior to 8.5.16, from 8.6.0 prior to 8.13.8, from 8.14.0 prior to 8.17.0 and Jira Service Management Data Center from version 2.0.2 prior to 4.5.16, from version 4.6.0 prior to 4.13.8, and from ...
Atlassian Jira Data Center
Atlassian Jira Service Desk
Atlassian Jira Service Management
6.1
CVSSv3
CVE-2021-41304
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote malicious users to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the /secure/admin/ImporterFinishedPage.jspa error message. The affected versions are before v...
Atlassian Data Center
Atlassian Jira
Atlassian Jira Data Center
Atlassian Jira Server
1 Github repository
6.1
CVSSv3
CVE-2021-39111
The Editor plugin in Atlassian Jira Server and Data Center before version 8.5.18, from 8.6.0 prior to 8.13.10, and from version 8.14.0 prior to 8.18.2 allows remote malicious users to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the handli...
Atlassian Data Center
Atlassian Jira
Atlassian Jira Data Center
Atlassian Jira Server
5.3
CVSSv3
CVE-2021-26069
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote malicious users to download temporary files and enumerate project keys via an Information Disclosure vulnerability in the /rest/api/1.0/issues/{id}/ActionsAndOperations API endpoint. The affec...
Atlassian Data Center
Atlassian Jira
Atlassian Jira Data Center
Atlassian Jira Server
3.5
CVSSv3
CVE-2021-26071
The SetFeatureEnabled.jspa resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous malicious users to enable and disable Jira Software configuration via a cross-...
Atlassian Data Center
Atlassian Jira
Atlassian Jira Data Center
Atlassian Jira Server
4.3
CVSSv3
CVE-2021-26075
The Jira importers plugin AttachTemporaryFile rest resource in Jira Server and Data Center before version 8.5.12, from version 8.6.0 prior to 8.13.4, and from version 8.14.0 prior to 8.15.1 allowed remote authenticated malicious users to obtain the full path of the Jira applicati...
Atlassian Data Center
Atlassian Jira
Atlassian Jira Data Center
Atlassian Jira Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-44852
CVE-2024-3400
CVE-2024-30129
insecure direct object reference
CVE-2024-12115
CVE-2024-11220
CVE-2024-51378
privilege escalation
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »