Jira Server Security Vulnerabilities and Issues — Jira Server CVE List

Lucene search

AtlassianJira Server

3 matches found

CVE•added 2021/07/20 4:15 a.m.•110 views

CVE-2021-26081

REST API in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.16.1 allows remote attackers to enumerate usernames via a Sensitive Data Exposure vulnerability in the /rest/api/latest/user/avatar/temporary endpoint.

5.3CVSS5.2AI score0.00379EPSS

CVE•added 2021/07/20 4:15 a.m.•84 views

CVE-2021-26083

Export HTML Report in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.16.1 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability.

5.4CVSS5.2AI score0.00257EPSS

CVE•added 2021/07/20 4:15 a.m.•81 views

CVE-2021-26082

The XML Export in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.17.0 allows remote attackers to inject arbitrary HTML or JavaScript via a stored cross site scripting vulnerability.

5.4CVSS5.3AI score0.0031EPSS