Vulmon
Recent Vulnerabilities
Trends
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
jira vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-20100
The Atlassian Application Links plugin is vulnerable to cross-site request forgery (CSRF). The following versions are affected: all versions prior to 5.4.21, from version 6.0.0 before version 6.0.12, from version 6.1.0 before version 6.1.2, from version 7.0.0 before version...
Atlassian
Jira
6.8
CVSSv2
CVE-2008-6832
Cross-site request forgery (CSRF) vulnerability in Atlassian JIRA Enterprise Edition 3.13 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from...
Atlassian
Jira
4.3
CVSSv2
CVE-2017-18100
The agile wallboard gadget in Atlassian Jira before version 7.8.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of quick filters....
Atlassian
Jira
4.3
CVSSv2
CVE-2017-18039
The IncomingMailServers resource in Atlassian Jira from version 6.2.1 before version 7.4.4 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the messagesThreshold parameter....
Atlassian
Jira
4.3
CVSSv2
CVE-2017-16864
The issue search resource in Atlassian Jira before version 7.4.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the orderby parameter....
Atlassian
Jira
4.3
CVSSv2
CVE-2017-14594
The printable searchrequest issue resource in Atlassian Jira before version 7.2.12 and from version 7.3.0 before 7.6.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the jqlQuery query parameter....
Atlassian
Jira
2.6
CVSSv2
CVE-2006-3338
Cross-site scripting (XSS) vulnerability in Atlassian JIRA 3.6.2-#156 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in a direct request to secure/ConfigureReleaseNote.jspa, which are not sanitized before being returned in an error page....
Atlassian
Jira
4
CVSSv2
CVE-2019-15013
The WorkflowResource class removeStatus method in Jira before version 7.13.12, from version 8.0.0 before version 8.4.3, and from version 8.5.0 before version 8.5.2 allows authenticated remote attackers who do not have project administration access to remove a configured issue...
Atlassian
Jira
4.3
CVSSv2
CVE-2014-2314
Directory traversal vulnerability in the Issue Collector plugin in Atlassian JIRA before 6.0.4 allows remote attackers to create arbitrary files via unspecified vectors....
Atlassian
Jira
1 EDB exploit available
1 Metasploit module available
4
CVSSv2
CVE-2019-20404
The API in Atlassian Jira Server and Data Center before version 8.6.0 allows authenticated remote attackers to determine project titles they do not have access to via an improper authorization vulnerability....
Atlassian
Jira
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-0674
CVE-2020-7615
clink office
CVE-2017-18687
android
google
buffer overflow
communilink
spoof
CVE-2017-18691
CVE-2020-11512
CVE-2019-17026
cross-site scripting
« PREV
1
2
3
4
5
6
7
8
9
NEXT »
Vulmon