5 matches found
Atlassian JIRA 7.x >= 7.6 / 8.x < 8.5.4 / 8.6.x < 8.6.2 Multiple CSRF
According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is 7.x greater than or equal to 7.6, 8.x prior to 8.5.4, or 8.6.x prior to 8.6.2. It is, therefore, affected by multiple vulnerabilities: - An input-validation flaw exists related to the...
CSRF in VerifyPopServerConnection!add.jspa - CVE-2019-20099
The VerifyPopServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery CSRF. An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumerat...
Server side request forgery (ssrf)
The VerifyPopServerConnection resource in Atlassian Jira before version 7.6.10, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from...
CVE-2018-13404
The VerifyPopServerConnection resource in Atlassian Jira before version 7.6.10, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from...
The VerifyPopServerConnection resource was vulnerable to SSRF - CVE-2018-13404
The VerifyPopServerConnection resource in Atlassian Jira before version 7.6.10, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from...