3 matches found
CVE-2024-2445
Mattermost Jira plugin versions shipped with Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before 9.4.3 fail to escape user-controlled outputs when generating HTML pages, which allows an attacker to perform reflected cross-site scripting attacks agains...
VulnCheck KEV: CVE-2023-26256
An unauthenticated path traversal vulnerability affects the "STAGIL Navigation for Jira - Menu & Themes" plugin before 2.0.52 for Jira. By modifying the fileName parameter to the snjFooterNavigationConfig endpoint, it is possible to traverse and read the file system...
JIRA and HipChat for JIRA Plugin - Velocity Template Injection
JIRA and HipChat for JIRA Plugin - Velocity Template Injection JIRA and HipChat for JIRA plugin Velocity Template Injection Vulnerability Date: 2015-08-26 CVE ID: CVE-2015-5603 Vendor Link:...