Jira Data Center Security Vulnerabilities and Issues — Jira Data Center CVE List

Lucene search

AtlassianJira Data Center

4 matches found

CVE•added 2021/07/20 4:15 a.m.•110 views

CVE-2021-26081

REST API in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.16.1 allows remote attackers to enumerate usernames via a Sensitive Data Exposure vulnerability in the /rest/api/latest/user/avatar/temporary endpoint.

5.3CVSS5.2AI score0.00379EPSS

CVE•added 2021/07/20 4:15 a.m.•84 views

CVE-2021-26083

Export HTML Report in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.16.1 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability.

5.4CVSS5.2AI score0.00257EPSS

CVE•added 2021/07/29 11:15 a.m.•83 views

CVE-2020-36239

Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5.16, from 8.6.0 before 8.13.8, from 8.14.0 before 8.17.0 and Jira Service Management Data Center from version 2.0.2 before 4.5.16, from version 4.6.0 before 4.13.8, and from version 4.14.0 before 4.17.0 ...

9.8CVSS9.7AI score0.16173EPSS

CVE•added 2021/07/20 4:15 a.m.•81 views

CVE-2021-26082

The XML Export in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.17.0 allows remote attackers to inject arbitrary HTML or JavaScript via a stored cross site scripting vulnerability.

5.4CVSS5.3AI score0.0031EPSS