3 matches found
Vulnerabilities fixed in Atlassian Jira
Atlassian has fixed two vulnerabilities in Jira Server. A unauthenticated remote malicious person could exploit them to perform a Cross-Site-Request-Forgery attack XSRF or to gain direct gain unauthorized access to the JQL query component. Both attack methods lead to obtaining sensitive data...
Atlassian Jira 安全漏洞
Atlassian Jira is a defect tracking management system from Atlassian Australia. Atlassian Jira is vulnerable to an access control error that occurs when a network system or product does not properly restrict access to resources from unauthorized roles. A remote attacker could exploit this...
CVE-2017-18104
The Webhooks component of Atlassian Jira before version 7.6.7 and from version 7.7.0 before version 7.11.0 allows remote attackers who are able to observe or otherwise intercept webhook events to learn information about changes in issues that should not be sent because they are not contained with...