CVE-2026-3582

CVE-2026-3582 affects GitHub Enterprise Server. An Incorrect Authorization vulnerability allowed an authenticated user with a classic PAT lacking the repo scope to retrieve issues and commits from private/internal repositories via the search REST API, provided the user already had access to the r...

EUVD-2019-3253

Malware in sbrugna...

Atlassian Jira < 7.4.2 Xss In Issue Search

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 7.4.2. It is, therefore, affected by a vulnerability which permits remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the...

Atlassian Jira 7.0.2 < 7.13.4 Denial Of Service Via Issue Search Component

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is version 7.0.x prior to version 7.13.4. It is, therefore, affected by a vulnerability which permits remote attackers to deny access to Jira service via denial of service vulnerability i...

Granting the 'Browse Project Archive' permission to a 'Custom Field' within a permission scheme allows all users to see archived issues in result set

h3. Issue Summary If within a project the 'Browse Project Archive' and 'Browse Project' permissions are granted to 'Group Custom Field' or to the 'Reporter' option within the permission scheme, the project will become available to search for any user with the 'Browse Project Archive' permission i...

CVE-2019-11583

The issue searching component in Jira before version 8.1.0 allows remote attackers to deny access to Jira service via denial of service vulnerability in issue search when ordering by "Epic Name"...

Denial of service

The issue searching component in Jira before version 8.1.0 allows remote attackers to deny access to Jira service via denial of service vulnerability in issue search when ordering by "Epic Name"...

CVE-2019-11583

CVE-2019-11583 affects Atlassian Jira: the issue searching component is vulnerable in Jira versions before 8.1.0, allowing remote attackers to deny access to Jira service via a denial-of-service in issue search when ordering by Epic Name. Connected sources confirm affected products/versions and t...

Denial of service in issue searching through Epic Name ordering - CVE-2019-11583

The issue searching component in Jira before version 8.1.0 allows remote attackers to deny access to Jira service via denial of service vulnerability in issue search when ordering by "Epic Name"...

CVE-2017-16864

The issue search resource in Atlassian Jira before version 7.4.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the orderby parameter...

XSS through the orderby parameter in the issue search resource - CVE-2017-16864

The issue search resource in Atlassian Jira before version 7.4.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the orderby parameter...