CVE-2026-39111

creationtimestamp| type| source ---|---|--- 2026-04-20 18:40:18+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjx4knunme2c...

CVE-2022-39111

In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed...

Script execution via PDF as attachment - CVE-2021-39111

The attachment as PDF is a vulnerable PDFJS library. To confirm the vulnerability, we uploaded a PDF file containing a JavaScript. After opening a preview of the PDF file, the console displayed the message "Hello, xss is working," indicating that the JavaScript code had been successfully executed...

CVE-2022-39111

creationtimestamp| type| source ---|---|--- 2022-10-14 22:29:11+00:00| seen| https://t.me/cibsecurity/51490...

CVE-2022-39111

In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed...

CVE-2022-39111

CVE-2022-39111 describes a missing permission check in the Music service that can lead to elevation of privilege with no additional execution privileges required. The vulnerability is characterized as local, with low privileges required, and high impact to confidentiality, integrity, and availabi...

CVE-2022-39111

In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed...

Atlassian Jira 8.14.x < 8.18.2 Multiple Vulnerabilities

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.5.18, 8.6.x 8.13.10 or 8.14.x 8.18.2. It is, therefore, affected by multiple vulnerabilities: - An information disclosure vulnerability in the...

Atlassian Jira < 8.5.18 Multiple Vulnerabilities

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.5.18, 8.6.x 8.13.10 or 8.14.x 8.18.2. It is, therefore, affected by multiple vulnerabilities: - An information disclosure vulnerability in the...

CVE-2021-39111

creationtimestamp| type| source ---|---|--- 2021-08-30 12:32:11+00:00| seen| https://t.me/cibsecurity/27995...

CVE-2021-39111

The CVE-2021-39111 issue affects the Editor plugin in Atlassian Jira Server/Data Center. A Cross-Site Scripting (XSS) vulnerability exists in handling supplied content (e.g., PDFs pasted into fields like description), allowing remote attackers to inject arbitrary HTML/JavaScript. Affected version...

Self-xss via copying content from a PDF - CVE-2021-39111

The Editor plugin in Atlassian Jira Server and Data Center before version 8.5.18, from 8.6.0 before 8.13.10, and from version 8.14.0 before 8.18.2 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability in the handling of supplied content such a...