Atlassian Jira 安全漏洞

Atlassian Jira is a defect tracking management system from Atlassian Australia. The system is primarily used to track and manage various types of issues and defects in the workplace. A security vulnerability exists in Atlassian Jira Service Management Server and Data Center versions prior to...

Cross site scripting

The Livesearch macro in Confluence Server and Data Center before version 7.4.5, from version 7.5.0 before 7.6.3, and from version 7.7.0 before version 7.7.4 allows remote attackers with permission to edit a page or blog to inject arbitrary HTML or JavaScript via a cross site scripting XSS...

Atlassian Jira 权限许可和访问控制问题漏洞

Atlassian Jira is a defect tracking management system from Atlassian Australia. The system is used to track and manage various types of issues and defects in the workplace. A privilege permission and access control issue vulnerability exists in Atlassian Jira Server and Data Center, which stems...

CVE-2021-39115

Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers with "Jira Administrators" access to execute arbitrary Java code or run arbitrary system commands via a ServerSide Template Injection vulnerability in the Email Template feature. The affected...

CVE-2021-39113

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to continue to view cached content even after losing permissions, via a Broken Access Control vulnerability in the allowlist feature. The affected versions are before version 8.13.9, and from version 8.14....

Atlassian Jira Information Disclosure Vulnerability (CNVD-2020-52940)

Atlassian Jira is a defect tracking management system from Atlassian Australia. The system is used to track and manage all types of issues and defects in the workplace. An information disclosure vulnerability exists in Atlassian Jira Server and Data Center versions prior to 7.13.7, 8.0.0 to 8.5.8...