4 matches found
PT-2022-3496 · Atlassian · Jira +2
Name of the Vulnerable Software and Affected Versions: Atlassian Jira Server and Data Center versions 8.0.0 through 8.13.21 Atlassian Jira Server and Data Center versions 8.14.0 through 8.20.9 Atlassian Jira Server and Data Center versions 8.21.0 through 8.22.3 Jira Management Server and Data...
CVE-2022-26135
A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated user including a user who joined via the sign-up feature to perform a full read server-side request forgery via a batch endpoint. This affects Atlassian Jira Server and Data Center from version 8.0.0...
Full Read SSRF in Mobile Plugin CVE-2022-26135
A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated user including a user who joined via the sign-up feature to perform a full read server-side request forgery via a batch endpoint. This affects Jira Management Server and Data Center versions from versi...
REST session not terminated
panel This issue deals with how JIRA manages session requests to the REST/SOAP API. The related issue JRA-27050 deals with session management for web Crawlers. The related issue JRA-27047 deals with session management for stateless requests to the REST/SOAP API. panel h4. Expected behavior 1. On...