Jira Server@8.6.0 Security Vulnerabilities and Issues — Jira Server@8.6.0 CVE List

Lucene search

AtlassianJira Server8.6.0

2 matches found

CVE•added 2020/02/06 3:15 a.m.•113 views

CVE-2019-20106

Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8.0.0 before version 8.5.4, and 8.6.0 before version 8.6.1 allows remote attackers to make comments on a ticket to which they do not have commenting permissions via a broken access control bug.

4.3CVSS4.6AI score0.00277EPSS

CVE•added 2020/07/13 5:15 a.m.•49 views

CVE-2019-20901

The login.jsp resource in Jira before version 8.5.2, and from version 8.6.0 before version 8.6.1 allows remote attackers to redirect users to a different website which they may use as part of performing a phishing attack via an open redirect in the os_destination parameter.

6.1CVSS6.2AI score0.00421EPSS