Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

jira vulnerabilities and exploits

(subscribe to this query)

4.3
CVSSv2
CVE-2019-20411
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to modify Wallboard settings via a Cross-site request forgery (CSRF) vulnerability. The affected versions are before version 7.13.9, and from version 8.0.0 before 8.4.2....
Atlassian JiraAtlassian Jira Software Data Center
3.5
CVSSv2
CVE-2019-20900
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the Add Field module. The affected versions are before version 8.7.0....
Atlassian JiraAtlassian Jira Software Data Center
5
CVSSv2
CVE-2019-20899
The Gadget API in Atlassian Jira Server and Data Center in affected versions allows remote attackers to make Jira unresponsive via repeated requests to a certain endpoint in the Gadget API. The affected versions are before version 8.5.4, and from version 8.6.0 before 8.6.1....
Atlassian JiraAtlassian Jira Software Data Center
4.3
CVSSv2
CVE-2020-14164
The WYSIWYG editor resource in Jira Server and Data Center before version 8.8.2 allows remote attackers to inject arbitrary HTML or JavaScript names via an Cross Site Scripting (XSS) vulnerability by pasting javascript code into the editor field....
Atlassian JiraAtlassian Jira Software Data Center
4.3
CVSSv2
CVE-2020-14169
The quick search component in Atlassian Jira Server and Data Center before 8.9.1 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability...
Atlassian JiraAtlassian Jira Software Data Center
5.8
CVSSv2
CVE-2019-20417
NOTE: This candidate is a duplicate of CVE-2019-15011. All CVE users should reference CVE-2019-15011 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage....
Atlassian JiraAtlassian Jira Software Data Center
5
CVSSv2
CVE-2019-20413
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability on the UserPickerBrowser.jspa page. The affected versions are before version 7.13.9, and from version 8.0.0...
Atlassian JiraAtlassian Jira Software Data Center
4
CVSSv2
CVE-2020-4029
The /rest/project-templates/1.0/createshared resource in Atlassian Jira Server and Data Center before version 8.5.5, from 8.6.0 before 8.7.2, and from 8.8.0 before 8.8.1 allows remote attackers to enumerate project names via an improper authorization vulnerability....
Atlassian JiraAtlassian Jira Software Data Center
5
CVSSv2
CVE-2016-6668
The Atlassian Hipchat Integration Plugin for Bitbucket Server 6.26.0 before 6.27.5, 6.28.0 before 7.3.7, and 7.4.0 before 7.8.17; Confluence HipChat plugin 6.26.0 before 7.8.17; and HipChat for JIRA plugin 6.26.0 before 7.8.17 allows remote attackers to obtain the secret key for...
Atlassian Confluence 5.9.1Atlassian Confluence 5.9.2Atlassian Confluence 5.9.10Atlassian Confluence 5.9.11Atlassian Confluence 5.9.3Atlassian Confluence 5.9.4Atlassian Confluence 5.9.12Atlassian Confluence 5.10.0Atlassian Confluence 5.9.5Atlassian Confluence 5.9.6Atlassian Confluence 5.10.1Atlassian Confluence 5.10.2Atlassian Confluence 5.9.7Atlassian Confluence 5.9.8Atlassian Confluence 5.9.9Atlassian Confluence 5.10.3Atlassian Confluence 5.5.0Atlassian Jira Integration For Hipchat 7.3.2Atlassian Jira Integration For Hipchat 7.3.3Atlassian Jira Integration For Hipchat 6.26.10Atlassian Jira Integration For Hipchat 6.29.1Atlassian Jira Integration For Hipchat 7.4.1Atlassian Jira Integration For Hipchat 7.8.1Atlassian Jira Integration For Hipchat 6.29.2Atlassian Jira Integration For Hipchat 6.31.0Atlassian Jira Integration For Hipchat 7.8.3Atlassian Jira Integration For Hipchat 7.8.12Atlassian Jira Integration For Hipchat 7.1.0Atlassian Jira Integration For Hipchat 7.2.1Atlassian Jira Integration For Hipchat 6.26.0
3.5
CVSSv2
CVE-2020-4024
The attachment download resource in Atlassian Jira Server and Data Center before 8.5.5, and from 8.6.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability issue attachments with a...
Atlassian JiraAtlassian Jira Software Data Center
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-23418CVE-2021-36934CVE-2021-32796remoteCVE-2021-37743file uploadCVE-2020-10590log injectionCVE-2021-3490
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook