Atlassian Jira 8.14.x < 8.20.0 Multiple Vulnerabilities

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.20.0. It is, therefore, affected by multiple vulnerabilities: - A Insecure Direct Object References IDOR vulnerability which may allow unauthenticated remote attackers to vi...

Atlassian Jira 8.14.x < 8.20.10 Server-Side Request Forgery

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is 8.0.x prior to 8.13.22, 8.14.x prior to 8.20.10 or 8.21.x prior to 8.21.4. It is, therefore, affected by a vulnerability allowing a remote, authenticated user including a user who join...

Atlassian Jira < 8.13.18 / 8.14.x < 8.20.6 / 8.21.x < 8.22.0 (JRASERVER-73594)

The version of Atlassian Jira installed on the remote host is prior to 8.13.18 / 8.14.x 8.20.6 / 8.21.x 8.22.0. It is, therefore, affected by a vulnerability as referenced in the JRASERVER-73594 advisory. - Affected versions of Atlassian Jira Server and Data Center allow attackers with...

Atlassian Jira 8.14.x < 8.16.1 Arbitrary File Read

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.5.14, 8.6.x 8.13.6 or 8.14.x 8.16.1. It is, therefore, affected by a path traversal vulnerability in the /WEB-INF/web.xml endpoint allowing remote attackers to read particul...

Atlassian Jira 8.14.x < 8.14.1 Server-Side Request Forgery

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.5.10, 8.6.x 8.13.2 or 8.14.x 8.14.1. It is, therefore, affected by a Server-Side Request Forgery SSRF vulnerability allowing unexpected DNS lookups and requests to malicious...

Atlassian Jira 8.14.x < 8.16.1 Multiple Vulnerabilities

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.5.14, 8.6.x 8.13.6 or 8.14.x 8.16.1. It is, therefore, affected by multiple vulnerabilities: - A Cross-Site Scripting XSS vulnerability in the EditWorkflowScheme.jspa...

Atlassian Jira 8.14.x < 8.14.1 Information Disclosure

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.5.11, 8.6.x 8.13.3 or 8.14.x 8.14.1. It is, therefore, affected by an information disclosure vulnerability in the Jira Projects plugin report page allowing remote attackers ...

Atlassian Jira 8.14.x < 8.15.1 Information Disclosure

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.13.5 or 8.14.x 8.15.1. It is, therefore, affected by a missing permissions check vulnerability allowing remote anonymous attackers to obtain gadget related settings. Note th...

Atlassian Jira < 8.13.3 / 8.14.x < 8.14.1 Broken Authentication (JRASERVER-72029)

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is affected by a broken authentication vulnerability in the makeRequest gadget resource. An unauthenticated, remote attacker can exploit this issue to evade behind-the-firewall protection...