Jira Server Security Vulnerabilities and Issues — Jira Server CVE List

Lucene search

AtlassianJira Server

3 matches found

CVE•added 2022/01/06 1:15 a.m.•112 views

CVE-2021-43947

Affected versions of Atlassian Jira Server and Data Center allow remote attackers with administrator privileges to execute arbitrary code via a Remote Code Execution (RCE) vulnerability in the Email Templates feature. This issue bypasses the fix of https://jira.atlassian.com/browse/JSDSERVER-8665. ...

9CVSS7.4AI score0.01812EPSS

CVE•added 2022/01/05 4:15 a.m.•84 views

CVE-2021-43946

Affected versions of Atlassian Jira Server and Data Center allow authenticated remote attackers to add administrator groups to filter subscriptions via a Broken Access Control vulnerability in the /secure/EditSubscription.jspa endpoint. The affected versions are before version 8.13.21, and from ver...

6.5CVSS6.3AI score0.00285EPSS

CVE•added 2022/01/04 3:15 a.m.•63 views

CVE-2021-43942

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Reflected Cross-Site Scripting (XSS) vulnerability in the /rest/collectors/1.0/template/custom endpoint. To exploit this issue, the attacker must trick a user into visiting...

6.1CVSS5.9AI score0.02788EPSS