6.4
CVSSv2

CVE-2012-2928

Published: 22/05/2012 Updated: 29/08/2017
CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10
VMScore: 570
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P

Vulnerability Summary

The Gliffy plugin prior to 3.7.1 for Atlassian JIRA, and prior to 4.2 for Atlassian Confluence, does not properly restrict the capabilities of third-party XML parsers, which allows remote malicious users to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

atlassian jira

gliffy gliffy 3.1.4

gliffy gliffy 3.5

gliffy gliffy 2.1.1

gliffy gliffy 2.2.0

gliffy gliffy 3.0.2

gliffy gliffy 3.0.5

gliffy gliffy 3.0.4

gliffy gliffy 3.5.2

gliffy gliffy 3.6

gliffy gliffy 2.1.0

gliffy gliffy 2.1.2

gliffy gliffy 3.0.0

gliffy gliffy 3.0.3

gliffy gliffy

gliffy gliffy 2.0.0

gliffy gliffy 2.0.1

gliffy gliffy 2.2.1

gliffy gliffy 3.0.1

gliffy gliffy 3.1.3

gliffy gliffy 3.1.2

gliffy gliffy 3.6.1

gliffy gliffy 1.0.1

gliffy gliffy 2.1.3

gliffy gliffy 2.2.2

gliffy gliffy 3.1.1

gliffy gliffy 3.1.0

atlassian confluence 4.1.9