PT-2026-22902

The Seraphinite Accelerator plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.28.14 via the seraph accel api AJAX action with fn=GetData. This is due to the OnAdminApi GetData function not performing any capability checks. This makes it...

VulnCheck KEV: CVE-2022-0540

A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later...

Atlassian Jira Service Management 4.21.0 < 4.22.6 Seraph Authentication Bypass

According to its self-reported version number, the Atlassian Jira Service Management application running on the remote host is version 4.14.0 prior to 4.20.6 or 4.21.0 prior to 4.22.6. It is, therefore, affected by a authentication bypass vulnerability in Jira Seraph which may allow remote,...

Atlassian Jira Service Management 4.14.0 < 4.20.6 Seraph Authentication Bypass

According to its self-reported version number, the Atlassian Jira Service Management application running on the remote host is version 4.14.0 prior to 4.20.6 or 4.21.0 prior to 4.22.6. It is, therefore, affected by a authentication bypass vulnerability in Jira Seraph which may allow remote,...

Atlassian Jira Seraph Authentication Bypass

Atlassian Jira versions 8.13.18, 8.14.x, 8.15.x, 8.16.x, 8.17.x, 8.18.x, 8.19.x, 8.20.x 8.20.6, 8.21.x and Atlassian Jira Service Management versions 4.13.18, 4.14.x, 4.15.x, 4.16.x, 4.17.x, 4.18.x, 4.19.x, 4.20.x 4.20.6 and 4.21.x use a common authentication framework named Atlassian Jira Seraph...

Exploit for Improper Authentication in Atlassian Jira_Data_Center

Atlassian Jira Seraph Authentication Bypass RCE（CVE-2022-0540）...

Bypass Authentication vulnerability in Atlassian Jira Seraph

THREAT LEVEL: Green. For a detailed advisory, download the pdf file here Atlassian has addressed a vulnerability in its Jira Seraph software, tracked as CVE-2022-0540. An unauthenticated attacker can use to bypass authentication. By submitting a specially crafted HTTP request to the affected...

Atlassian Drops Patches for Critical Jira Authentication Bypass Vulnerability

Atlassian has published a security advisory warning of a critical vulnerability in its Jira software that could be abused by a remote, unauthenticated attacker to circumvent authentication protections. Tracked as CVE-2022-0540, the flaw is rated 9.9 out of 10 on the CVSS scoring system and reside...

Atlassian Jira < 8.13.18 / 8.14.x < 8.20.6 / 8.21.x Authentication Bypass in Seraph (JRASERVER-73650)

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is affected by an authentication bypass vulnerability. Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to bypass authentication and...

Vulnerability fixed in Jira Seraph

A vulnerability has been fixed in Jira Seraph, the web framework used for authentication within Jira. The vulnerability allows a remote malicious party to circumvent authentication bypass authentication by sending a specially prepared HTTP request to the server. The application is only vulnerable...

CVE-2022-0540

A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before...

CVE-2022-0540

A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before...

Authentication flaw

A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before...

CVE-2022-0540

A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before...

CVE-2022-0540

A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before...

CVE-2022-0540

CVE-2022-0540 is an authentication-bypass vulnerability in Atlassian Jira Seraph. It enables remote, unauthenticated access via a crafted HTTP request. Affected product ranges (per connected documents): Jira Server/Data Center: &lt; 8.13.18; 8.14.x–8.19.x; 8.20.0–8.20.6; 8.21.x Jira Service Manag...

PT-2022-2325

Name of the Vulnerable Software and Affected Versions Atlassian Jira Server and Data Center versions prior to 8.13.18 Atlassian Jira Server and Data Center versions 8.14.0 through 8.20.6 Atlassian Jira Server and Data Center versions 8.21.0 through 8.22.0 Atlassian Jira Service Management Server...

Authentication Bypass in Jira Seraph - CVE-2022-0540

i Updates 2022/05/05 11:30 AM PDT Updated the List of affected Atlassian Marketplace Apps section to note the following apps have non-vulnerable updates available: Secure Code Warrior® for Jira Simple Tasklists Simple Team Pages for Jira UiPath Test Manager for Jira Xporter - Export issues from...

Atlassian Jira Server Data Center 8.16.0 - Arbitrary File Read

Exploit Title: Atlassian Jira Server Data Center 8.16.0 - Arbitrary File Read Date: 2021-10-05 Exploit Author: Mayank Deshmukh Vendor Homepage: https://www.atlassian.com/ Software Link: https://www.atlassian.com/software/jira/download/data-center Version: versions 8.5.14, 8.6.0 ≤ version 8.13.6,...

Exploit for Path Traversal in Atlassian Jira_Data_Center

CVE-2021-26086 Atlassian Jira Server/Data Center 8.4.0 - Limit...