Vulmon
Recent Vulnerabilities
Discussions
Trends
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
jira vulnerabilities and exploits
4
CVSSv2
CVE-2018-13404
The VerifyPopServerConnection resource in Atlassian Jira before version 7.6.10, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before...
Atlassian
Jira
4.3
CVSSv2
CVE-2017-16862
The IncomingMailServers resource in Atlassian Jira before version 7.6.2 allows remote attackers to modify the "incoming mail" whitelist setting via a Cross-site request forgery (CSRF) vulnerability....
Atlassian
Jira
4.3
CVSSv2
CVE-2018-5232
The EditIssue.jspa resource in Atlassian Jira before version 7.6.7 and from version 7.7.0 before version 7.10.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the issuetype parameter....
Atlassian
Jira
4.3
CVSSv2
CVE-2019-14998
The Webwork action Cross-Site Request Forgery (CSRF) protection implementation in Jira before version 8.4.0 allows remote attackers to bypass its protection via "cookie tossing" a CSRF cookie from a subdomain of a Jira instance....
Atlassian
Jira
4.3
CVSSv2
CVE-2019-11586
The AddResolution.jspa resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote attackers to create new resolutions via a Cross-site request forgery (CSRF) vulnerability....
Atlassian
Jira
6.8
CVSSv2
CVE-2016-4319
Atlassian JIRA Server before 7.1.9 has CSRF in auditing/settings....
Atlassian
Jira
4.3
CVSSv2
CVE-2014-2313
Directory traversal vulnerability in the Importers plugin in Atlassian JIRA before 6.0.5 allows remote attackers to create arbitrary files via unspecified vectors....
Atlassian
Jira
4.3
CVSSv2
CVE-2019-3402
The ConfigurePortalPages.jspa resource in Jira before version 7.13.3 and from version 8.0.0 before version 8.1.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the searchOwnerUserName parameter....
Atlassian
Jira
4.3
CVSSv2
CVE-2007-6617
Cross-site scripting (XSS) vulnerability in 500page.jsp in JIRA Enterprise Edition before 3.12.1 allows remote attackers to inject arbitrary web script or HTML, which is not properly handled when generating error messages, as demonstrated by input originally sent in the URI to...
Atlassian
Jira
6.4
CVSSv2
CVE-2019-8451
The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability due to a logic bug in the JiraWhitelist class....
Atlassian
Jira
8 Github repositories available
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
apq8009 firmware
CVE-2020-7211
LFI
CVE-2019-18187
CVE-2019-19413
CVE-2020-0674
CVE-2019-14768
CVE-2011-3621
qualcomm
man-in-the-middle
path traversal
« PREV
1
2
3
4
5
6
7
NEXT »
Vulmon