Jira Data Center Security Vulnerabilities and Issues — Jira Data Center CVE List

Lucene search

AtlassianJira Data Center

4 matches found

CVE•added 2021/02/15 12:15 a.m.•101 views

CVE-2020-36234

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the Screens Modal view. The affected versions are before version 8.5.11, from version 8.6.0 before 8.13.3, and from version 8.14...

4.8CVSS5.3AI score0.0023EPSS

CVE•added 2021/02/22 9:15 p.m.•94 views

CVE-2020-29453

The CachingResourceDownloadRewriteRule class in Jira Server and Jira Data Center before version 8.5.11, from 8.6.0 before 8.13.3, and from 8.14.0 before 8.15.0 allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access check...

5.3CVSS5.4AI score0.8124EPSS

CVE•added 2021/02/15 12:15 a.m.•91 views

CVE-2020-36236

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the ViewWorkflowSchemes.jspa and ListWorkflows.jspa endpoints. The affected versions are before version 8.5.11, from version 8.6...

6.1CVSS5.8AI score0.0047EPSS

CVE•added 2021/02/02 12:15 a.m.•74 views

CVE-2020-36231

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view the metadata of boards they should not have access to via an Insecure Direct Object References (IDOR) vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.2.

4.3CVSS4.7AI score0.0027EPSS