CVE-2024-51329

A Host header injection vulnerability in Agile-Board 1.0 allows attackers to obtain the password reset token via user interaction with a crafted password reset link...

CVE-2024-51329

A Host header injection vulnerability in Agile-Board 1.0 allows attackers to obtain the password reset token via user interaction with a crafted password reset link...

CVE-2024-51329

A Host header injection vulnerability in Agile-Board 1.0 allows attackers to obtain the password reset token via user interaction with a crafted password reset link...

CVE-2024-51329

A Host header injection vulnerability in Agile-Board 1.0 allows attackers to obtain the password reset token via user interaction with a crafted password reset link...

CVE-2024-51329

CVE-2024-51329 – Normal details available Agile-Board 1.0 is affected by a Host header injection vulnerability that can lead to leakage of a password reset token when a user interacts with a crafted password reset link. The core issue is a Host header injection flaw, enabling an attacker to manip...

CVE-2024-51329

A Host header injection vulnerability in Agile-Board 1.0 allows attackers to obtain the password reset token via user interaction with a crafted password reset link...

agile-board 安全漏洞

agile-board is a progressive Node.js framework by the individual developer Malik Idrees. It is used to build efficient and scalable server-side applications. A security vulnerability exists in agile-board version 1.0, which stems from a password reset token that can be obtained via Host header...

PT-2024-34598 · Unknown · Agile-Board

Name of the Vulnerable Software and Affected Versions: Agile-Board version 1.0 Description: A Host header injection issue allows attackers to obtain the password reset token via user interaction with a crafted password reset link. This is achieved through exploiting the Host header injection...

Anonymous user able to access some agile board's report configuration

h3. Issue Summary When someone who did not login to Jira tried to access direct URL to Average Age Report, the user will be shown Configure - Average Age Report page instead of Jira asking the user to login. h3. Steps to Reproduce Copy the full URL to an Average Age Report Eg:...

XSS in the agile wallboard gadget through quick filter names - CVE-2017-18100

The agile wallboard gadget in Atlassian Jira before version 7.8.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the name of quick filters. h3. Workaround Disable the gadget. - Navigate to Administration Add-ons Manage add-ons and se...

Agile board "Add Status" button is not available unless you are member of jira-administrators

As a project administrator or board owner I need to be able to be able to add/remove Statused by using the "Add Status" button from the board Configuration window. Currently this button does appear only for jira-administrators...