CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

Tenable Nessus•added 2022/07/06 12:0 a.m.•23 views

Atlassian Jira < 8.20.3 / 8.21.0 XSS (JRASERVER-73069)

The version of Atlassian Jira installed on the remote host is prior to 8.20.3 / 8.21.0. It is, therefore, affected by a vulnerability as referenced in the JRASERVER-73069 advisory. - Stored XSS on /rest/jpo/1.0/hierarchyConfiguration via issueTypes parameter - CVE-2021-43945 CVE-2021-43945 Note...

4.8CVSS5.3AI score0.00215EPSS

Exploits0References2

OSV•added 2022/03/08 2:15 a.m.•1 views

CVE-2021-43944

This issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been implemented. Affected versions of Atlassian Jira Server and Data Center allowed remote attackers with system administrator permissions to execute arbitrary code via Templat...

7.2CVSS6.2AI score0.01969EPSS

Exploits0References1

OSV•added 2022/02/28 1:15 a.m.•2 views

CVE-2021-43945

Affected versions of Atlassian Jira Server and Data Center allow remote attackers with Roadmaps Administrator permissions to inject arbitrary HTML or JavaScript via a Stored Cross-Site Scripting SXSS vulnerability in the /rest/jpo/1.0/hierarchyConfiguration endpoint. The affected versions are...

4.8CVSS5.9AI score

Exploits0References1

Prion•added 2022/02/28 1:15 a.m.•17 views

Cross site scripting

3.5CVSS4.9AI score0.00215EPSS

Exploits0References1Affected Software2

Cvelist•added 2022/02/28 12:20 a.m.•19 views

CVE-2021-43945

5.1AI score0.00215EPSS

Exploits0References1

Vulnrichment•added 2022/02/28 12:20 a.m.•16 views

CVE-2021-43945

6AI score0.00215EPSS

Exploits0References1

NVD•added 2022/02/15 4:15 a.m.•13 views

CVE-2021-43941

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to modify several resources including CsvFieldMappingsPage.jspa and ImporterValueMappingsPage.jspa via a Cross-Site Request Forgery CSRF vulnerability in the jira-importers-plugin. The affected versions are before...

6.5CVSS0.00136EPSS

Exploits0References1

Vulnrichment•added 2022/02/15 3:30 a.m.•13 views

CVE-2021-43941

7AI score0.00136EPSS

Exploits0References1

OSV•added 2022/01/06 1:15 a.m.•2 views

CVE-2021-43947

Affected versions of Atlassian Jira Server and Data Center allow remote attackers with administrator privileges to execute arbitrary code via a Remote Code Execution RCE vulnerability in the Email Templates feature. This issue bypasses the fix of https://jira.atlassian.com/browse/JSDSERVER-8665...

7.2CVSS6.2AI score

Exploits0References1

NVD•added 2022/01/06 1:15 a.m.•13 views

CVE-2021-43947

9CVSS0.01516EPSS

Exploits0References1

Prion•added 2022/01/06 1:15 a.m.•15 views

Remote code execution

9CVSS7.4AI score0.01516EPSS

Exploits0References1Affected Software4

Vulnrichment•added 2022/01/06 1:5 a.m.•13 views

CVE-2021-43947

8.6AI score0.01516EPSS

Exploits0References1

Positive Technologies•added 2022/01/06 12:0 a.m.•1 views

PT-2022-11947 · Atlassian · Jira

Name of the Vulnerable Software and Affected Versions: Atlassian Jira Server and Data Center versions prior to 8.13.15, and versions 8.14.0 through 8.20.3. Description: The issue allows remote attackers with administrator privileges to execute arbitrary code via a Remote Code Execution RCE...

9CVSS8.5AI score0.01516EPSS

Exploits0References7

Prion•added 2022/01/04 3:15 a.m.•11 views

Cross site scripting

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Reflected Cross-Site Scripting XSS vulnerability in the /rest/collectors/1.0/template/custom endpoint. To exploit this issue, the attacker must trick a user into visiting...

4.3CVSS6AI score0.00456EPSS

Exploits0References1Affected Software2

Vulnrichment•added 2022/01/04 2:40 a.m.•10 views

CVE-2021-43942

5.9AI score0.00456EPSS

Exploits0References1