454 matches found
Third-Party Dependency in Crowd Data Center
Note: Aligning with our security bug fix policy|https://www.atlassian.com/trust/security/bug-fix-policy, this vulnerability has been fixed in our latest release only This Critical severity Third-Party Dependency vulnerability was introduced in version 6.1.1 of Crowd Data Center. This Third-Party...
DoS (Denial of Service) in Crowd Data Center
This High severity DoS Denial of Service vulnerability was introduced in version 6.3.1 of Crowd Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 8.7, allows an attacker to cause a resource to be unavailable for its intended users by temporarily or indefinitely disruptin...
On the Impact of Sybil-Based Attacks on Mobile Crowdsensing for Transportation
Mobile Crowd-Sensing MCS enables users with personal mobile devices PMDs to gain information on their surroundings. Users collect and contribute data on different phenomena using their PMD sensors, and the MCS system processes this data to extract valuable information for end users. Navigation...
GOLIATH: a Decentralized Framework for Data Collection in Intelligent Transportation Systems
Intelligent Transportation Systems ITSs technology has advanced during the past years, and it is now used for several applications that require vehicles to exchange real-time data, such as in traffic information management. Traditionally, road traffic information has been collected using on-site...
RCE (Remote Code Execution) com.typesafe.akka:akka-actor_2.11 Dependency in Crowd Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 8.1 and a CVSS Vector of CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H allows an unauthenticat...
DoS (Denial of Service) Third-Party Dependency in Crowd Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 6.1.0 and 6.2.0 of Crowd Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticated...
DoS (Denial of Service) Third-Party Dependency in Crowd Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 6.0.0, 6.1.0, 6.2.0, and 6.3.0 of Crowd Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an...
CVE-2023-22521
This High severity RCE Remote Code Execution vulnerability was introduced in version 3.4.6 of Crowd Data Center and Server. This RCE Remote Code Execution vulnerability, with a CVSS Score of 8.0, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality,...
CVE-2022-43782
Affected versions of Atlassian Crowd allow an attacker to authenticate as the crowd application via security misconfiguration and subsequent ability to call privileged endpoints in Crowd's REST API under the usermanagement path. This vulnerability can only be exploited by IPs specified under the...
Path Traversal Third-Party Dependency in Crowd Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 5.1.0, 5.2.0, and 5.3.0 of Crowd Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N allows an unauthenticat...
CVE-2013-3925
Atlassian Crowd 2.5.x before 2.5.4, 2.6.x before 2.6.3, 2.3.8, and 2.4.9 allows remote attackers to read arbitrary files and send HTTP requests to intranet servers via a request to 1 /services/2 or 2 services/latest with a DTD containing an XML external entity declaration in conjunction with an...
CVE-2019-1003097
Jenkins Crowd Integration Plugin stores credentials unencrypted in the global config.xml configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2025-31390
Cross-Site Request Forgery CSRF vulnerability in bdoga Social Crowd social-crowd allows Stored XSS.This issue affects Social Crowd: from n/a through = 0.9.6.1...
WordPress Social Crowd plugin <= 0.9.6.1 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by johska in WordPress Plugin Social Crowd versions = 0.9.6.1...
CVE-2025-31390
Cross-Site Request Forgery CSRF vulnerability in bdoga Social Crowd social-crowd allows Stored XSS.This issue affects Social Crowd: from n/a through = 0.9.6.1...
CVE-2025-31390 WordPress Social Crowd plugin <= 0.9.6.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in bdoga Social Crowd social-crowd allows Stored XSS.This issue affects Social Crowd: from n/a through = 0.9.6.1...
CVE-2025-31390 WordPress Social Crowd plugin <= 0.9.6.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in bdoga Social Crowd social-crowd allows Stored XSS.This issue affects Social Crowd: from n/a through = 0.9.6.1...
WordPress plugin Social Crowd 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
PT-2025-15744 · Unknown · Bdoga Social Crowd
Name of the Vulnerable Software and Affected Versions: bdoga Social Crowd versions 0.9.6.1 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. Recommendations: For versions 0.9.6.1 and earlier, update to a version that contains a fix for...
BASM (Broken Authentication & Session Management) org.apache.tomcat:tomcat-catalina Dependency in Crowd Data Center and Server
This Critical severity org.apache.tomcat:tomcat-catalina Dependency vulnerability was introduced in versions 5.2.0, 5.3.0, 6.0.1, 6.1.0, and 6.2.0 of Crowd Data Center and Server. This org.apache.tomcat:tomcat-catalina Dependency vulnerability, with a CVSS Score of 9.8 and a CVSS Vector of...