Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2023/03/14 12:0 a.m.10 views

Atlassian Jira 8.6.0 < 8.9.2 Disclosure Of Private Project Titles

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is 7.0.6 prior to version 7.13.16, 8.0.0 prior to 8.5.7, 8.6.0 prior to 8.9.2 or 8.10.0 prior to 8.10.1. It is, therefore, affected by a vulnerability which allow remote attackers to view...

4.3CVSS7.3AI score0.01215EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/07/22 12:0 a.m.47 views

Atlassian JIRA < 7.13.16 / 8.0.x < 8.5.7 / 8.6.x < 8.9.2 / 8.10.x < 8.10.1 Insecure Direct Object References (IDOR) (JRASERVER-71275)

According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is potentially affected by Insecure Direct Object References IDOR vulnerability. Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view titles of a...

4.3CVSS5.3AI score0.01215EPSS
Exploits0References2
Prion
Prion
added 2020/07/13 5:15 a.m.15 views

Spoofing

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view titles of a private project via an Insecure Direct Object References IDOR vulnerability in the Administration Permission Helper. The affected versions are before version 7.13.6, from version 8.0.0 before...

4CVSS4.6AI score0.01215EPSS
Exploits0References1Affected Software4
Cvelist
Cvelist
added 2020/07/13 4:45 a.m.24 views

CVE-2020-14174

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view titles of a private project via an Insecure Direct Object References IDOR vulnerability in the Administration Permission Helper. The affected versions are before version 7.13.6, from version 8.0.0 before...

4.6AI score0.01215EPSS
Exploits0References1
Drupal
Drupal
added 2019/03/20 12:0 a.m.17 views

AddToAny Share Buttons - Moderately critical - Cross Site Scripting - SA-CONTRIB-2019-039

This module enables you to add social media share buttons on your website to its content and pages. The module doesn't sufficiently mark its administration permission restricted, allowing cross site scripting vulnerabilities to users who have access to its admin settings. This vulnerability is...

6.1AI score
Exploits0References5
Prion
Prion
added 2015/04/21 6:59 p.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Facebook Album Fetcher module for Drupal allows remote authenticated users with the "access administration pages" permission to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5.6AI score0.00965EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder