Lucene search
+L

36 matches found

Positive Technologies
Positive Technologies
added 2022/11/15 12:0 a.m.6 views

PT-2022-26689 · Atlassian · Netic User Export +1

Name of the Vulnerable Software and Affected Versions: Netic User Export add-on for Atlassian Confluence versions prior to 1.3.5 Description: The issue allows an HTTP request to download any file on the system, including sensitive files like SSH private keys, due to the fileName parameter accepti...

7.5CVSS7.3AI score0.00956EPSS
Exploits1References5
CNNVD
CNNVD
added 2022/11/14 12:0 a.m.4 views

Atlassian Confluence 安全漏洞

Atlassian Confluence is a suite of specialized enterprise knowledge management and collaboration software from Atlassian Australia, which can also be used to build enterprise WiKi. A security vulnerability exists in Atlassian Confluence versions prior to 1.3.5 that stems from improper handling of...

7.5CVSS7.5AI score0.00803EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2022/09/17 6:15 p.m.4 views

CVE-2022-39960

The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexportdownload=true request to a plugins/servlet/groupexportforjira/admin/ URI...

5.3CVSS6.1AI score0.2568EPSS
Exploits1References4
NVD
NVD
added 2022/09/17 6:15 p.m.23 views

CVE-2022-39960

The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexportdownload=true request to a plugins/servlet/groupexportforjira/admin/ URI...

5.3CVSS0.2568EPSS
Exploits1References2
OSV
OSV
added 2022/09/17 6:15 p.m.3 views

CVE-2022-39960

The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexportdownload=true request to a plugins/servlet/groupexportforjira/admin/ URI...

5.3CVSS5.8AI score0.2568EPSS
Exploits1References2
Prion
Prion
added 2022/09/17 6:15 p.m.19 views

Authorization

The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexportdownload=true request to a plugins/servlet/groupexportforjira/admin/ URI...

5CVSS5.3AI score0.2568EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/09/17 5:49 p.m.31 views

CVE-2022-39960

The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexportdownload=true request to a plugins/servlet/groupexportforjira/admin/ URI...

5.6AI score0.2568EPSS
Exploits1References2
CVE
CVE
added 2022/09/17 5:49 p.m.68 views

CVE-2022-39960

The CVE-2022-39960 issue affects the Netic Group Export add-on for Atlassian Jira, prior to version 1.0.3. The extension does not perform authorization checks, enabling an unauthenticated user to export all groups by calling groupexport_download=true on plugins/servlet/groupexportforjira/admin/. ...

5.3CVSS5.3AI score0.2568EPSS
In wildExploits1References2Affected Software1
OSV
OSV
added 2022/09/05 6:15 p.m.5 views

CVE-2022-38367

The Netic User Export add-on before 2.0.6 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all users from Jira by making an HTTP request to the affected endpoint...

5.3CVSS5.8AI score0.00439EPSS
Exploits0References2
NVD
NVD
added 2022/09/05 6:15 p.m.28 views

CVE-2022-38367

The Netic User Export add-on before 2.0.6 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all users from Jira by making an HTTP request to the affected endpoint...

5.3CVSS0.00439EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/09/05 6:15 p.m.8 views

CVE-2022-38367

The Netic User Export add-on before 2.0.6 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all users from Jira by making an HTTP request to the affected endpoint...

5.3CVSS5.8AI score0.00439EPSS
Exploits0References3
Prion
Prion
added 2022/09/05 6:15 p.m.21 views

Authorization

The Netic User Export add-on before 2.0.6 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all users from Jira by making an HTTP request to the affected endpoint...

5CVSS5.4AI score0.00439EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/09/05 5:30 p.m.27 views

CVE-2022-38367

The Netic User Export add-on before 2.0.6 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all users from Jira by making an HTTP request to the affected endpoint...

5.7AI score0.00439EPSS
Exploits0References2
CVE
CVE
added 2022/09/05 5:30 p.m.65 views

CVE-2022-38367

CVE-2022-38367 affects the Netic User Export add-on for Atlassian Jira (pre-2.0.6). The root cause is missing authorization checks on the affected endpoint, enabling an unauthenticated user to export all Jira users via an HTTP request. Impact is explicit in the sources: potential exposure of user...

5.3CVSS5.4AI score0.00439EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2022/09/05 12:0 a.m.6 views

Atlassian Jira 安全漏洞

Atlassian Jira is a defect tracking management system from Atlassian Australia. The system is mainly used to track and manage various types of issues and defects in the workplace. A security vulnerability exists in Atlassian Jira versions prior to 2.0.6 that stems from the Netic User Export plugi...

5.3CVSS5.8AI score0.00439EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/09/05 12:0 a.m.5 views

PT-2022-24389 · Atlassian · Netic User Export +1

Name of the Vulnerable Software and Affected Versions: Netic User Export add-on for Atlassian Jira versions prior to 2.0.6 Description: The issue is related to the lack of authorization checks in the Netic User Export add-on. This might allow an unauthenticated user to export all users from Jira ...

5.3CVSS5.2AI score0.00439EPSS
Exploits0References6
Rows per page
Query Builder