Atlassian Jira < 7.13.12 Comment Permissions Broken Access Control

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to version 7.13.12, 8.0.0 prior to 8.5.4 or 8.6.0 prior to 8.6.1. It is, therefore, affected by a vulnerability which permits remote attackers to make comments on a ticket to whi...

An Atlassian product has a security vulnerability.

Affected versions of Atlassian Confluence Server allow remote authenticated attackers to view sensitive information in the hidden attachments of custom content on reindexing via an Information Disclosure vulnerability in the search page. The affected versions are before version 7.13.12, from...

Jira Server Comment Permissions Broken Access Control Bug - CVE-2019-20106

Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8.0.0 before version 8.5.4, and 8.6.0 before version 8.6.1 allows remote attackers to make comments on a ticket to which they do not have commenting permissions via a broken access control bug...

Jira Server Comment Permissions Broken Access Control Bug - CVE-2019-20106

Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8.0.0 before version 8.5.4, and 8.6.0 before version 8.6.1 allows remote attackers to make comments on a ticket to which they do not have commenting permissions via a broken access control bug...

Atlassian JIRA CVE-2019-15013 Authorization Bypass Vulnerability

Description Atlassian JIRA is prone to an authorization-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. The following versions of Atlassian JIRA are affected: Versions pri...