1508 matches found
Atlassian Jira WallboardServlet <7.13.1 - Cross-Site Scripting
The WallboardServlet resource in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross-site scripting vulnerability in the cyclePeriod parameter. id: CVE-2018-20824 info: name: Atlassian Jira WallboardServlet 7.13.1 - Cross-Site Scripting author:...
Atlassian Jira <7.13.3/8.0.0-8.1.1 - Incorrect Authorization
Atlasssian Jira before version 7.13.3 and from version 8.0.0 before version 8.1.1 is susceptible to incorrect authorization. The ManageFilters.jspa resource allows a remote attacker to enumerate usernames via an incorrect authorization check, thus possibly obtaining sensitive information, modifyi...
JIRA Workflow Designer Plugin in Atlassian JIRA Server > 6.3.0 - Remote Code Execution (XXE)
The JIRA Workflow Designer Plugin in Atlassian JIRA Server before 6.3.0 improperly uses an XML parser and deserializer, which allows remote attackers to execute arbitrary code, read arbitrary files, or cause a denial of service via a crafted serialized Java object. id: CVE-2017-5983 info: name:...
PT-2026-49655
Name of the Vulnerable Software and Affected Versions syracom AG Secure Login 2FA for Atlassian Jira, Confluence, and Bitbucket versions 3.4.0.x Description An authentication bypass exists where an attacker with valid user credentials can circumvent the two-factor authentication 2FA flow. By...
Atlassian Jira Service Management Data Center and Server 10.3.0 < 10.3.16 / 11.0.x < 11.2.1 / 11.3.0 (JSDSERVER-16502)
The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16502 advisory. - Improper Input Validation vulnerability in sha.js allows Input Data Manipulation.This issue affects...
Atlassian Jira Service Management Data Center and Server 10.3.0 < 10.3.16 (JSDSERVER-16497)
The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16497 advisory. - Versions of the package cross-spawn before 6.0.6, from 7.0.0 and before 7.0.5 are vulnerable to...
CVE-2022-38367
The Netic User Export add-on before 2.0.6 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all users from Jira by making an HTTP request to the affected endpoint...
Atlassian Jira 10.3.x < 10.3.13 XML External Entity Injection
According to its self-reported version number, the Atlassian Jira application running on the remote host is 10.3.x prior to 10.3.13 or 11.x prior to 11.2.0. It is, therefore, affected by a XML External Entity Injection XXE vulnerability. Note that the scanner has not tested for these issues but h...
Atlassian Jira 11.x < 11.2.0 XML External Entity Injection
According to its self-reported version number, the Atlassian Jira application running on the remote host is 10.3.x prior to 10.3.13 or 11.x prior to 11.2.0. It is, therefore, affected by a XML External Entity Injection XXE vulnerability. Note that the scanner has not tested for these issues but h...
Atlassian Jira 10.3.x < 10.3.12 Path Traversal
According to its self-reported version number, the Atlassian Jira application running on the remote host is 9.12.x prior to 9.12.28, 10.3.x prior to 10.3.12 or 11.x prior to 11.1.0. It is, therefore, affected by a path traversal vulnerability. Note that the scanner has not tested for these issues...
Atlassian Jira Align 安全漏洞
Atlassian Jira Align is a strategic-grade agile management platform from Atlassian Australia. A security vulnerability exists in Atlassian Jira Align that stems from an authorization issue that could lead to the disclosure of sensitive information...
Atlassian Jira Align 安全漏洞
Atlassian Jira Align is a strategic-grade agile management platform from Atlassian Australia. A security vulnerability exists in Atlassian Jira Align that stems from an authorization issue that could lead to the disclosure of sensitive information...
Atlassian Jira Align 安全漏洞
Atlassian Jira Align is a strategic-grade agile management platform from Atlassian Australia. A security vulnerability exists in Atlassian Jira Align that stems from an authorization issue that could lead to the disclosure of sensitive information...
Atlassian Jira Align 安全漏洞
Atlassian Jira Align is a strategic-grade agile management platform from Atlassian Australia. A security vulnerability exists in Atlassian Jira Align that stems from an authorization issue that could lead to the disclosure of sensitive information...
Atlassian Jira Align 安全漏洞
Atlassian Jira Align is a strategic-grade agile management platform from Atlassian Australia. A security vulnerability exists in Atlassian Jira Align that stems from an authorization issue that could lead to the disclosure of sensitive information...
Atlassian Jira Align 安全漏洞
Atlassian Jira Align is a strategic-grade agile management platform from Atlassian Australia. A security vulnerability exists in Atlassian Jira Align that stems from an authorization issue that could lead to the disclosure of sensitive information...
Atlassian Jira Align 安全漏洞
Atlassian Jira Align is a strategic-grade agile management platform from Atlassian Australia. A security vulnerability exists in Atlassian Jira Align that stems from an authorization issue that could lead to the disclosure of sensitive information...
Atlassian Jira Align 安全漏洞
Atlassian Jira Align is a strategic-grade agile management platform from Atlassian Australia. A security vulnerability exists in Atlassian Jira Align that stems from an authorization issue that could lead to a low-privileged user modifying another user's private manifest...
EUVD-2019-10960
Malware in sbrugna...
EUVD-2019-10959
Malware in sbrugna...