Jira Service Management Security Vulnerabilities and Issues — Jira Service Management CVE List

Lucene search

AtlassianJira Service Management

3 matches found

CVE•added 2022/02/15 4:15 a.m.•100 views

CVE-2021-43948

Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view the names of private objects via an Improper Authorization vulnerability in the "Move objects" feature. The affected versions are before version 4.21.0.

4.3CVSS4.5AI score0.0037EPSS

CVE•added 2022/02/15 3:15 a.m.•99 views

CVE-2021-43950

Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view import source configuration information via a Broken Access Control vulnerability in the Insight Import Source feature. The affected versions are before version 4.21.0.

4.3CVSS4.4AI score0.0037EPSS

CVE•added 2022/02/24 5:15 a.m.•90 views

CVE-2021-43943

Affected versions of Atlassian Jira Service Management Server and Data Center allow attackers with administrator privileges to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the "Object Schema" field of /secure/admin/InsightDefaultCustomFieldConfig.jspa. The a...

4.8CVSS4.8AI score0.00519EPSS