Jira Server@8.5.5 Security Vulnerabilities and Issues — Jira Server@8.5.5 CVE List

Lucene search

AtlassianJira Server8.5.5

4 matches found

CVE•added 2020/02/12 2:15 p.m.•68 views

CVE-2019-20098

The VerifySmtpServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery (CSRF). An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumera...

4.3CVSS4.5AI score0.0093EPSS

CVE•added 2020/02/12 2:15 p.m.•65 views

CVE-2019-20099

The VerifyPopServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery (CSRF). An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumerat...

4.3CVSS4.5AI score0.00307EPSS

CVE•added 2020/02/12 2:15 p.m.•64 views

CVE-2019-20100

The Atlassian Application Links plugin is vulnerable to cross-site request forgery (CSRF). The following versions are affected: all versions prior to 5.4.21, from version 6.0.0 before version 6.0.12, from version 6.1.0 before version 6.1.2, from version 7.0.0 before version 7.0.2, and from version ...

4.7CVSS4.5AI score0.00345EPSS

CVE•added 2020/07/13 1:15 a.m.•52 views

CVE-2019-20899

The Gadget API in Atlassian Jira Server and Data Center in affected versions allows remote attackers to make Jira unresponsive via repeated requests to a certain endpoint in the Gadget API. The affected versions are before version 8.5.4, and from version 8.6.0 before 8.6.1.

5.3CVSS5.2AI score0.00742EPSS