Lucene search
K

5 matches found

OSV
OSV
added 2022/08/10 3:15 a.m.3 views

CVE-2022-36801

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to inject arbitrary HTML or JavaScript via a Reflected Cross-Site Scripting RXSS vulnerability in the TeamManagement.jspa endpoint. The affected versions are before version 8.20.8...

6.1CVSS5.9AI score0.64863EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2021/12/31 12:0 a.m.2 views

CVE-2021-43946

Affected versions of Atlassian Jira Server and Data Center allow authenticated remote attackers to add administrator groups to filter subscriptions via a Broken Access Control vulnerability in the /secure/EditSubscription.jspa endpoint. The affected versions are before version 8.13.21, and from...

6.5CVSS6.7AI score0.01148EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2020/06/29 6:15 a.m.5 views

CVE-2019-20413

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Denial of Service DoS vulnerability on the UserPickerBrowser.jspa page. The affected versions are before version 7.13.9, and from version 8.0.0 before 8.4.2...

7.5CVSS7.2AI score0.02129EPSS
Exploits0References1
OSV
OSV
added 2020/02/12 2:15 p.m.5 views

CVE-2019-20099

The VerifyPopServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery CSRF. An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumerat...

4.3CVSS5.7AI score0.00743EPSS
Exploits1References2
Atlassian
Atlassian
added 2012/08/01 7:46 a.m.18 views

XSS (reflected) in rankVMID parameter of GetRankPage.jspa

As per https://sdog.jira.com/browse/JSTDEV-2110 Targets:...

0.7AI score
Exploits0
Rows per page
Query Builder