Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Jira Service Management Security Vulnerabilities - February 2022

cve
cve

CVE-2021-43943

Affected versions of Atlassian Jira Service Management Server and Data Center allow attackers with administrator privileges to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the "Object Schema" field of /secure/admin/InsightDefaultCustomFieldConfig.jspa. The a...

4.8CVSS

4.8AI Score

0.001EPSS

2022-02-24 05:15 AM
76
cve
cve

CVE-2021-43948

Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view the names of private objects via an Improper Authorization vulnerability in the "Move objects" feature. The affected versions are before version 4.21.0.

4.3CVSS

4.5AI Score

0.001EPSS

2022-02-15 04:15 AM
89
cve
cve

CVE-2021-43950

Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view import source configuration information via a Broken Access Control vulnerability in the Insight Import Source feature. The affected versions are before version 4.21.0.

4.3CVSS

4.4AI Score

0.001EPSS

2022-02-15 03:15 AM
84