Jira Data Center Security Vulnerabilities and Issues — Jira Data Center CVE List

Lucene search

AtlassianJira Data Center

4 matches found

CVE•added 2021/10/26 5:15 a.m.•80 views

CVE-2021-41304

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the /secure/admin/ImporterFinishedPage.jspa error message. The affected versions are before version 8.13.12, and from ...

6.1CVSS5.9AI score0.0047EPSS

CVE•added 2021/10/26 5:15 a.m.•72 views

CVE-2021-41308

Affected versions of Atlassian Jira Server and Data Center allow authenticated yet non-administrator remote attackers to edit the File Replication settings via a Broken Access Control vulnerability in the ReplicationSettings!default.jspa endpoint. The affected versions are before version 8.6.0, fro...

6.5CVSS6.3AI score0.00243EPSS

CVE•added 2021/10/21 3:15 a.m.•71 views

CVE-2021-39127

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to the query component JQL endpoint via a Broken Access Control vulnerability (BAC) vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.1.

5.3CVSS5.2AI score0.00536EPSS

CVE•added 2021/10/21 3:15 a.m.•69 views

CVE-2021-39126

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to modify various resources via a Cross-Site Request Forgery (CSRF) vulnerability, following an Information Disclosure vulnerability in the referrer headers which discloses a user's CSRF token. The affected versions a...

6.5CVSS6.7AI score0.0033EPSS