Lucene search
K

6 matches found

Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.222 views

Jira Users Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Jira Users Enumeration', 'Description' = %q This module exploits an information disclosure vulnerability that allows an unauthenticated user to...

5.3CVSS7AI score0.99603EPSS
Exploits8
Hacker One
Hacker One
added 2020/09/22 7:7 p.m.361 views

U.S. Dept Of Defense: Sensitive data exposure via https://████████.mil/secure/QueryComponent!Default.jspa - CVE-2020-14179

Summary: Information Disclosure vulnerability in outdated Jira. Description: Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated attackers to view custom field names and custom SLA names via an Information Disclosure vulnerability in the...

5CVSS1.3AI score0.76042EPSS
Exploits1
OSV
OSV
added 2019/09/11 2:15 p.m.2 views

CVE-2019-8449

The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability...

5.3CVSS5.8AI score0.84771EPSS
Exploits8References2
OSV
OSV
added 2019/05/22 6:29 p.m.4 views

CVE-2019-8443

The ViewUpgrades resource in Jira before version 7.13.4, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers who have obtained access to administrator's session to access the ViewUpgrades administrative resource without needing to...

8.1CVSS7.3AI score0.02618EPSS
Exploits0References2
Symantec
Symantec
added 2019/04/29 12:0 a.m.71 views

Atlassian JIRA CVE-2019-3403 Information Disclosure Vulnerability

Description Atlassian JIRA is prone to an information-disclosure vulnerability. Successful exploits of this issue lead to the disclosure of sensitive information which may aid in launching further attacks. Jira versions prior to 7.13.3, 8.0.0 through and prior to 8.0.4 and 8.1.0 through and prior...

5CVSS1.4AI score0.52637EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/04/06 1:29 p.m.3 views

CVE-2017-18097

The Trello board importer resource in Atlassian Jira before version 7.6.1 allows remote attackers who can convince a Jira administrator to import their Trello board to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the title of a Trello card...

5.4CVSS5.4AI score0.00678EPSS
Exploits0References2
Rows per page
Query Builder