Vulmon
Recent Vulnerabilities
Trends
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
jira vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-13387
The IncomingMailServers resource in Atlassian JIRA Server before version 7.6.7, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3 and from version 7.10.0 before version 7.10.2 allows remote attackers to...
Atlassian
Jira
6.5
CVSSv2
CVE-2019-16541
Jenkins JIRA Plugin 3.0.10 and earlier does not declare the correct (folder) scope for per-folder Jira site definitions, allowing users to select and use credentials with System scope....
Jenkins
Jira
3.5
CVSSv2
CVE-2019-8444
The wikirenderer component in Jira before version 7.13.6, and from version 8.0.0 before version 8.3.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in image attribute specification....
Atlassian
Jira
5
CVSSv2
CVE-2019-8442
The CachingResourceDownloadRewriteRule class in Jira before version 7.13.4, and from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to access files in the Jira webroot under the META-INF directory via a lax path access...
Atlassian
Jira
5.8
CVSSv2
CVE-2019-11585
The startup.jsp resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote attackers to redirect users to a different website which they may use as part of performing a phishing attack via an open...
Atlassian
Jira
9.3
CVSSv2
CVE-2019-11581
There was a server-side template injection vulnerability in Jira Server and Data Center, in the ContactAdministrators and the SendBulkMail actions. An attacker is able to remotely execute code on systems that run a vulnerable version of Jira Server or Data Center. All versions...
Atlassian
Jira
7 Github repositories available
3 Articles available
5
CVSSv2
CVE-2019-8448
The login.jsp resource in Jira before version 7.13.4, and from version 8.0.0 before version 8.2.2 allows remote attackers to enumerate usernames via an information disclosure vulnerability....
Atlassian
Jira
5
CVSSv2
CVE-2018-5231
The ForgotLoginDetails resource in Atlassian Jira before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0 before version 7.8.4 and from version 7.9.0 before version 7.9.2 allows remote attackers to perform a denial of service attack via sending requests...
Atlassian
Jira
4.3
CVSSv2
CVE-2019-14997
The AccessLogFilter class in Jira before version 8.4.0 allows remote anonymous attackers to learn details about other users, including their username, via an information expose through caching vulnerability when Jira is configured with a reverse Proxy and or a load balancer with...
Atlassian
Jira
5.8
CVSSv2
CVE-2018-13401
The XsrfErrorAction resource in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3,...
Atlassian
Jira
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-1630
CVE-2020-0674
CVE-2018-21038
bypass
CVE-2020-1987
CVE-2020-1988
insecure direct object reference
race condition
CVE-2020-6819
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »
Vulmon