Atlassian Jira 8.5.0 < 8.5.5 Multiple Vulnerabilities

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.5.7. It is, therefore, affected by multiple vulnerabilities: - A vulnerability which permits remote attackers to access outgoing emails between a Jira instance and the SMTP...

Atlassian Jira < 7.13.14 Multiple Vulnerabilities

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.5.7. It is, therefore, affected by multiple vulnerabilities: - A vulnerability which permits remote attackers to access outgoing emails between a Jira instance and the SMTP...

Open redirect

The dashboard gadgets preference resource of the Atlassian gadgets plugin used in Jira Server and Jira Data Center before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to obtain gadget related settings via a missing permissions check...

PT-2021-11994 · Atlassian · Jira +1

Name of the Vulnerable Software and Affected Versions: Jira Server versions prior to 8.13.5 Jira Server versions 8.14.0 through 8.15.0 Jira Data Center versions prior to 8.13.5 Jira Data Center versions 8.14.0 through 8.15.0 Description: The issue allows remote anonymous attackers to obtain gadge...

Atlassian JIRA < 7.13.14 / 8.5.x < 8.5.5 / 8.8.x < 8.8.2 / 8.9.x < 8.9.1 DoS (JRASERVER-71197)

According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is prior to 7.3.14, 8.5.x prior to 8.5.5, 8.8.x prior to 8.8.2 or 8.9.x prior to 8.9.1. It is, therefore, affected by a denial of service DoS vulnerability in its Dashboard & Gadgets...

SSRF in Dashboard & Gadgets - CVE-2019-20408

The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.7.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery SSRF vulnerability due to a logic bug in the JiraWhitelist class. As an example to indicate impact, when...

Denial of service in Dashboard & Gadgets - CVE-2020-14167

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Denial of Service DoS vulnerability in Dashboard & Gadgets. Affected versions: version 7.13.14 8.5.0 ≤ version 8.5.5 8.8.0 ≤ version 8.8.2 8.9.0 ≤ version 8.9.1 Fixed...