Jira Security Vulnerabilities and Issues — Jira CVE List

Lucene search

AtlassianJira

3 matches found

CVE•added 2020/10/06 11:15 p.m.•96 views

CVE-2020-14183

Affected versions of Jira Server & Data Center allow a remote attacker with limited (non-admin) privileges to view a Jira instance's Support Entitlement Number (SEN) via an Information Disclosure vulnerability in the HTTP Response headers. The affected versions are before version 7.13.18, from vers...

4.3CVSS4.4AI score0.00312EPSS

CVE•added 2020/10/12 4:15 a.m.•81 views

CVE-2020-14184

Affected versions of Atlassian Jira Server allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in Jira issue filter export files. The affected versions are before 8.5.9, from version 8.6.0 before 8.12.3, and from version 8.13.0 before 8.13.1.

5.4CVSS5.3AI score0.00228EPSS

CVE•added 2020/10/15 10:15 p.m.•75 views

CVE-2020-14185

Affected versions of Jira Server allow remote unauthenticated attackers to enumerate issue keys via a missing permissions check in the ActionsAndOperations resource. The affected versions are before 7.13.18, from version 8.0.0 before 8.5.9, and from version 8.6.0 before version 8.12.2.

5.3CVSS5.2AI score0.0071EPSS