Bamboo Security Vulnerabilities and Issues — Bamboo CVE List

Lucene search

AtlassianBamboo

4 matches found

CVE•added 2021/01/28 2:15 a.m.•79 views

CVE-2021-26067

Affected versions of Atlassian Bamboo allow an unauthenticated remote attacker to view a stack trace that may reveal the path for the home directory in disk and if certain files exists on the tmp directory, via a Sensitive Data Exposure vulnerability in the /chart endpoint. The affected versions ar...

5.3CVSS5.3AI score0.01534EPSS

CVE•added 2018/02/02 2:29 p.m.•41 views

CVE-2017-18040

The viewDeploymentVersionCommits resource in Atlassian Bamboo before version 6.2.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a release.

5.4CVSS5.3AI score0.00144EPSS

CVE•added 2018/02/02 2:29 p.m.•38 views

CVE-2017-18041

The viewDeploymentVersionJiraIssuesDialog resource in Atlassian Bamboo before version 6.2.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a release.

5.4CVSS5.3AI score0.00144EPSS

CVE•added 2018/02/02 2:29 p.m.•37 views

CVE-2017-18082

The plan configure branches resource in Atlassian Bamboo before version 6.2.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the name of a branch.

5.4CVSS5.3AI score0.00164EPSS