6.8
CVSSv2

CVE-2008-6531

Published: 26/03/2009 Updated: 17/08/2017
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

The WebWork 1 web application framework in Atlassian JIRA prior to 3.13.2 allows remote malicious users to invoke exposed public JIRA methods via a crafted URL that is dynamically transformed into method calls, aka "WebWork 1 Parameter Injection Hole."

Vulnerable Product Search on Vulmon Subscribe to Product

atlassian jira

atlassian jira 2.1

atlassian jira 2.2

atlassian jira 2.2.1

atlassian jira 2.3

atlassian jira 2.4.1

atlassian jira 2.5.1

atlassian jira 2.5.2

atlassian jira 2.5.3

atlassian jira 2.6

atlassian jira 2.6.1

atlassian jira 3.0

atlassian jira 3.0.1

atlassian jira 3.0.2

atlassian jira 3.0.3

atlassian jira 3.1

atlassian jira 3.1.1

atlassian jira 3.2

atlassian jira 3.2.1

atlassian jira 3.2.2

atlassian jira 3.2.3

atlassian jira 3.3

atlassian jira 3.3.1

atlassian jira 3.3.2

atlassian jira 3.3.3

atlassian jira 3.4.1

atlassian jira 3.4.2

atlassian jira 3.4.3

atlassian jira 3.5

atlassian jira 3.5.1

atlassian jira 3.5.2

atlassian jira 3.5.3

atlassian jira 3.6

atlassian jira 3.6.1

atlassian jira 3.6.2

atlassian jira 3.6.3

atlassian jira 3.6.4

atlassian jira 3.6.5

atlassian jira 3.7

atlassian jira 3.7.1

atlassian jira 3.7.2

atlassian jira 3.7.3

atlassian jira 3.7.4

atlassian jira 3.8

atlassian jira 3.8.1

atlassian jira 3.9

atlassian jira 3.9.1

atlassian jira 3.9.2

atlassian jira 3.9.3

atlassian jira 3.10

atlassian jira 3.10.1

atlassian jira 3.10.2

atlassian jira 3.11

atlassian jira 3.12

atlassian jira 3.12.1

atlassian jira 3.12.2

atlassian jira 3.12.3

atlassian jira 3.13

atlassian jira 3.13.1