4295 matches found
Project key enumeration via the /rest/api/latest/projectvalidate/key endpoint - CVE-2021-39121
Affected versions of Atlassian Jira Server and Data Center allow authenticated remote attackers to enumerate the keys of private Jira projects via an Information Disclosure vulnerability in the /rest/api/latest/projectvalidate/key endpoint. The affected versions are before version 8.5.18, from...
Stored XSS via Custom Fields creation on AssociateFieldToScreens page - CVE-2021-39117
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Stored Cross-Site Scripting SXSS vulnerability in the Custom Fields creation feature on the AssociateFieldToScreens page. This bug was introduced in version 8.15.0, and i...
The name of a filter can be used to XSS users who open an "Export HTML Report" - CVE-2021-26083
Affected versions of Atlassian Jira Server allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability in Export HTML Report feature. The affected versions are before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before...
RCE via git-lfs in Sourcetree for Windows - CVE-2021-21237
There was an argument injection vulnerability in SourceTree for Windows introduced through git-lfs. An attacker could create a malicious repository which, after being cloned in SourceTree for Windows and enabled with git-lfs, is able to exploit this issue to gain code execution on the system. Thi...
XSS in Jira issue filter export file via malicious full name - CVE-2020-14184
Affected versions of Atlassian Jira Server allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability in Jira issue filter export files. The affected versions are before version 8.5.9, from version 8.6.0 before 8.12.3, and from version 8.13.0 before...
CSRF in the setup resources - CVE-2020-4018
The setup resources in Atlassian Fisheye and Crucible before version 4.8.1 allows remote attackers to complete the setup process via a cross-site request forgery CSRF vulnerability...
Information disclosure in the /plugins/servlet/jira-blockers/ resource in the crucible-jira-ril plugin - CVE-2020-4016
The /plugins/servlet/jira-blockers/ resource in the crucible-jira-ril plugin in Atlassian Fisheye and Crucible before version 4.8.1 allows remote attackers to get the ID of configured Jira application links via an information disclosure vulnerability...
XSS in the FilterPickerPopup.jspa resource through the searchOwnerUserName parameter - CVE-2019-14996
The FilterPickerPopup.jspa resource in Jira before version 7.13.7, and from version 8.0.0 before version 8.3.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the searchOwnerUserName parameter...
CVE-2019-11581 - Template injection in various resources
There was a server-side template injection vulnerability in Jira Server and Data Center, in the ContactAdministrators and the SendBulkMail actions. For this issue to be exploitable at least one of the following conditions must be met: an SMTP server has been configured in Jira and the Contact...
Permissions bypass in the inline-create rest resource - CVE-2018-20826
The inline-create rest resource in Jira before version 7.12.3 allows authenticated remote attackers to set the reporter in issues via a missing authorisation check...
Encrypt password variables in VARIABLE_CONTEXT and VARIABLE_BASELINE_ITEM tables
h3. Problem Definition Currently, Bamboo password variables are not encrypted in the VARIABLECONTEXT and VARIABLEBASELINEITEM tables, even though they are encrypted in VARIABLEDEFINITION h3. Suggested Solution Encrypt passwords in VARIABLECONTEXT and VARIABLEBASELINEITEM tables h3. Workaround...
Upgrade Tomcat to the version 8.5.29
Current version of Tomcat 8.5.6 bundled with JIRA 7.3.x is vulnerable to https://tomcat.apache.org/security-8.htmlFixedinApacheTomcat8.5.9. Customer would like the Tomcat to be upgraded to the latest version available as their client is no longer willing to run JIRA without having the tomcat...
Deleted page with restrictions notified all users
h2. Summary Restricted page was deleted, user were restricted from that page receive email notification about the page was deleted. h3. h3. Steps to replicate Create 2 users with the name User A and User B. User A created a space called Notification and created a page called Testing. User A...
Responses with Set-Cookie header cached
h3. Context We have Jira running with SSO from Crowd. Jira is behind a corporate reverse proxy from BlueCoat which has caching enabled but respects the Cache-control, Expire and Pragma HTTP headers. h3. Problem We have discovered following cases of sessions mix up where a user \1 get the Crowd...
The JIRA/Crowd applications fail to properly sanitize user input in the query string of the website or in the value of a parameter
panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-29640. panel We need to avoid Cross-site Scripting vulnerabilities. A function should be created to provide server side and client side inpu...
DoS (Denial of Service) org.json:json Dependency in Jira Software Data Center and Server
This High severity org.json:json Dependency vulnerability was introduced in versions 8.20.0, 8.22.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, 9.6.0, 9.7.0, 9.8.0, 9.9.0, 9.10.0, 9.11.0, and 9.12.0 of Jira Software Data Center and Server. This org.json:json Dependency vulnerability, with a CVSS...
DoS (Denial of Service) org.apache.tomcat:tomcat-coyote Vulnerability in Crowd Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 5.2.0, 5.1.5, 5.0.7, 4.4.5, and other older versions of Crowd Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
org.apache.tomcat:tomcat-catalina Vulnerability in Bamboo Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 9.2.2, 9.2.3 and 9.3.0 of Bamboo Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticat...
Injection, RCE (Remote Code Execution) in Bamboo
This High severity Injection and RCE Remote Code Execution vulnerability known as CVE-2023-22506 was introduced in version 8.0.0 of Bamboo Data Center. This Injection and RCE Remote Code Execution vulnerability, with a CVSS Score of 7.5, allows an authenticated attacker to modify the actions take...
Bump jackson-databind dependency to 2.13.4.2
Embedded Crowd library has transitive dependency to vulnerable library code:java com.fasterxml.jackson.core:jackson-databind:jar:2.12.1 - CVE-2020-36518code It is being included through Crowd dependency to com.microsoft.azure:msal4j:jar:1.11.0 The affected versions are before version 5.0.4...
Email Template Injection to RCE - CVE-2021-43947
Affected versions of Atlassian Jira Server and Data Center allow remote attackers with administrator privileges to execute arbitrary code via a Remote Code Execution RCE vulnerability in the Email Templates feature. This issue bypasses the fix of https://jira.atlassian.com/browse/JSDSERVER-8665...
Reflected XSS /secure/admin/ImporterFinishedPage.jspa via error message - CVE-2021-41304
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability in the /secure/admin/ImporterFinishedPage.jspa error message. The affected versions are before version 8.13.12, and from...
XSS in the review resource through objectives - CVE-2020-4013
The review resource in Atlassian Fisheye and Crucible before version 4.8.1 allows remote attackers to inject arbitrary HTML or Javascript via a cross site scripting XSS vulnerability through the review objectives...
IDOR Disclosure of Private Project Titles
h3. Issue Summary Prerequisite:- Make sure to edit the hosts file in Linux located at /etc/hosts/ adding an entry as jira.hack Setup jira and create a new user account which can be achieved by navigating to User Management Users Create User and setting the Application Access to Jira-core. ...
CVE-2016-6668 - The HipChat plugin for various products leaks the secret key it uses to communicate with a linked HipChat instance.
The HipChat for JIRA plugin exposed the secret key it used to communicate with a linked HipChat service in various pages. For this vulnerability to affect your JIRA instance you must have a HipChat integration established. To exploit this issue in JIRA versions 7.0.0 and higher, attackers need to...
CVE-2016-4319: /auditing/settings was vulnerable to CSRF
panel:bgColor=e7f4fa NOTE: This bug report is for JIRA Server. Using JIRA Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/JRACLOUD-61803. panel The /auditing/settings resource was vulnerable to CSRF|https://en.wikipedia.org/wiki/Cross-siterequestforgery attacks...
Improper Authorization org.springframework.security:spring-security-core Dependency in Bitbucket Data Center and Server
This High severity org.springframework.security:spring-security-core Dependency vulnerability was introduced in versions 8.0.0, 8.1.0, 8.2.0, 8.3.0, 8.4.0, 8.5.0, 8.6.0, 8.7.0, 8.8.0, 8.9.0, 8.10.0, 8.11.0, 8.12.0, 8.13.0, 8.14.0-eap01, 8.15.0, 8.16.0, 8.17.0, 8.18.0, and 8.19.0 of Bitbucket Data...
SSRF (Server-Side Request Forgery) org.springframework:spring-web Dependency in Bamboo Data Center and Server
This High severity org.springframework:spring-web Dependency vulnerability was introduced in versions 8.2.1, 9.0.0, 9.1.0, 9.2.1, 9.3.0, 9.4.0 and 9.5.0 of Bamboo Data Center and Server. This org.springframework:spring-web Dependency vulnerability, with a CVSS Score of 8.1 and a CVSS Vector of...
Improper Authorization org.springframework.security:spring-security-core Dependency in Crowd Data Center and Server
This High severity org.springframework.security:spring-security-core Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This org.springframework.security:spring-security-core Dependency vulnerability, with a CVSS Score of 8.2 and a CVSS...
SQLi (SQL Injection) org.postgresql:postgresql Dependency in Bamboo Data Center and Server
This unexploitable Critical severity vulnerability has a lower assessed risk by Atlassian, as a result it's disclosed in the Monthly Security Bulletin instead of a Critical Security Advisory. Bamboo & Other Atlassian Data Center products are unaffected by this vulnerability as they do not use the...
Jira Server/DC impacted by CVE-2022-22970 & CVE-2022-22971 via vulnerable version of Spring framework
Jira is not impacted no action is required as the vulnerability +cannot be exploited+. All Jira versions below 9.6 uses an affected version of Spring Framework, reason why the JRASERVER-74776 was published, however Jira +does not use the affected methods from the Spring+, hence +is not impacted+:...
RCE in Confluence DataCenter via HazelCast(Confluence) Port
Summary A remote attacker who can connect to the Hazelcast service, running on port 5801 and potentially 5701, is able to execute arbitrary code on all the nodes in a Confluence Data Center through Java deserialization. Vulnerability Details Confluence Data Center uses the third-party software...
Denial of service via an OutOfMemoryError (Tomcat CVE-2021-42340)
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to impact the application's availability via CVE-2021-42340, a Denial of Service DoS vulnerability in Apache Tomcat. The affected versions of Atlassian Jira Server and Data Center are before version 8.21.0...
XStream upgrade to 1.4.18
h3. Problem XStream is vulnerable to security exploits such as highlighted in the image attached. i The list of CVEs can be found in https://x-stream.github.io/security.html This ticket tracks its upgrade to 1.4.18. h3. Environment Confluence v7.13 h3. Workaround Set...
Information disclosure of product SEN via the x-asen response header - CVE-2020-14192
Affected versions of Atlassian Fisheye and Crucible allow remote attackers to view a product's SEN via an Information Disclosure vulnerability in the x-asen response header from Atlassian Analytics. The affected versions are before version 4.8.4. Affected versions: version 4.8.4 Fixed versions:...
XSS in the review resource through objectives - CVE-2020-4013
The review resource in Atlassian Fisheye and Crucible before version 4.8.1 allows remote attackers to inject arbitrary HTML or Javascript via a cross site scripting XSS vulnerability through the review objectives...
JMX monitoring flag in Jira was vulnerable to XSRF/CSRF - CVE-2019-20405
The JMX monitoring flag in Atlassian Jira Server and Data Center before version 8.6.0 allows remote attackers to turn the JMX monitoring flag off or on via a Cross-site request forgery CSRF vulnerability...
Remote code execution vulnerability for Sourcetree for Windows - CVE-2019-11582
There was an argument injection vulnerability in SourceTree for Windows in URI handlers. A remote, unauthenticated attacker was required to convince a user to interact with a crafted URL in order to exploit the vulnerability. With user interaction, an attacker could gained remote code execution o...
SSRF (Server-Side Request Forgery) org.springframework:spring-web Dependency in Bamboo Data Center and Server
This High severity org.springframework:spring-web Dependency vulnerability was introduced in versions 8.2.1, 9.0.0, 9.1.0, 9.2.1, 9.3.0, 9.4.0, 9.5.0, and 9.6.0 of Bamboo Data Center and Server. This org.springframework:spring-web Dependency vulnerability, with a CVSS Score of 8.1 and a CVSS Vect...
SQLi (SQL Injection) org.postgresql:postgresql Dependency in Jira Software Data Center and Server
This Critical severity org.postgresql:postgresql Dependency vulnerability was introduced in versions 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, 9.6.0, 9.7.0, 9.8.0, 9.9.0, 9.10.0, 9.11.0, 9.12.0, 9.13.0, and 9.14.0 of Jira Software Data Center and Server. Jira Software Data Center is unaffected by...
DoS (Denial of Service) org.jsoup:jsoup in Jira Software Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 8.20.0, 9.4.0, 9.5.0, 9.6.0, 9.7.0, 9.8.0, 9.9.0, 9.10.0, and 9.11.0 of Jira Software Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
Request Smuggling org.apache.tomcat:tomcat-coyote in Confluence Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in version 7.19.0 of Confluence Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N allows an unauthenticated attacker t...
Upgrade Tomcat for CVE-2023-28708
h3. Issue Summary The version of Tomcat bundled in Jira is affected by CVE-2023-28708|https://nvd.nist.gov/vuln/detail/CVE-2023-28708 as described below: quote When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https...
Fisheye: Multiple Servlet Filter Vulnerabilities
Multiple Servlet Filter vulnerabilities have been fixed in Fisheye. These vulnerabilities also affect other Atlassian products. For more information, refer to Atlassian's security...
Rest API Endpoint Leaked Project Categories, Project categories, status categories, issue link types, priorities, and resolutions to Unauthorised users
Affected versions of Atlassian Jira Server and Data Center allows an Un-Authenticated attacker to view Project categories, status categories, issue link types, priorities, and resolutions via an Information Disclosure vulnerability on the following Endpoints: /rest/api/2/issueLinkType...
Confluence Data Center - Java Deserialization Vulnerability In Hazelcast - CVE-2016-10750
h3. Vulnerability Details Confluence Data Center uses the third-party software Hazelcast, which is vulnerable to Java deserialization attacks CVE-2016-10750|https://vulners.com/cve/CVE-2016-10750. Hazelcast provides functionality needed to run Confluence Data Center as a cluster. A remote,...
Reflected XSS via /rest/collectors/1.0/template/custom - CVE-2021-43942
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Reflected Cross-Site Scripting XSS vulnerability in the /rest/collectors/1.0/template/custom endpoint. To exploit this issue, the attacker must trick a user into visiting...
Anonymous user can view names of private projects and filters via IDOR in Workload Pie Chart Gadget - CVE-2021-41307
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view the names of private projects and private filters via an Insecure Direct Object References IDOR vulnerability in the Workload Pie Chart Gadget. The affected versions are before version 8.13.1...
Username Enumeration through the render api resource - CVE-2020-36238
The /rest/api/1.0/render resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to determine if a username is valid or not via a missing permissions check. Affected...
DOM XSS in the issue navigation & search view via parameter pollution - CVE-2020-36288
The issue navigation & search view in Jira Server and Data Center before version 8.5.12, from version 8.6.0 before version 8.13.4, and from version 8.14.0 before version 8.15.1 allows remote attackers to inject arbitrary HTML or JavaScript via a DOM Cross-Site Scripting XSS vulnerability caused b...