Jira Software Data Center Security Vulnerabilities and Issues — Jira Software Data Center CVE List

Lucene search

AtlassianJira Software Data Center

3 matches found

CVE•added 2021/02/15 12:15 a.m.•91 views

CVE-2020-36236

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the ViewWorkflowSchemes.jspa and ListWorkflows.jspa endpoints. The affected versions are before version 8.5.11, from version 8.6...

6.1CVSS5.8AI score0.0047EPSS

CVE•added 2021/02/15 12:15 a.m.•84 views

CVE-2020-36235

Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view custom field and custom SLA names via an Information Disclosure vulnerability in the mobile site view. The affected versions are before version 8.13.2, and from version 8.14.0 before 8.14.1.

5.3CVSS5.1AI score0.00947EPSS

CVE•added 2021/02/02 12:15 a.m.•74 views

CVE-2020-36231

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view the metadata of boards they should not have access to via an Insecure Direct Object References (IDOR) vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.2.

4.3CVSS4.7AI score0.0027EPSS