Jira Security Vulnerabilities and Issues — Jira CVE List

Lucene search

AtlassianJira

4 matches found

CVE•added 2018/04/10 1:29 p.m.•64 views

CVE-2017-18101

Various administrative external system import resources in Atlassian JIRA Server (including JIRA Core) before version 7.6.5, from version 7.7.0 before version 7.7.3, from version 7.8.0 before version 7.8.3 and before version 7.9.0 allow remote attackers to run import operations and to determine if ...

6.5CVSS6.4AI score0.00384EPSS

CVE•added 2018/04/10 1:29 p.m.•54 views

CVE-2017-18100

The agile wallboard gadget in Atlassian Jira before version 7.8.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of quick filters.

6.1CVSS5.9AI score0.00173EPSS

CVE•added 2018/04/06 1:29 p.m.•49 views

CVE-2017-18098

The searchrequest-xml resource in Atlassian Jira before version 7.6.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through various fields.

6.1CVSS5.9AI score0.00225EPSS

CVE•added 2018/04/06 1:29 p.m.•45 views

CVE-2017-18097

The Trello board importer resource in Atlassian Jira before version 7.6.1 allows remote attackers who can convince a Jira administrator to import their Trello board to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the title of a Trello card.

5.4CVSS5.4AI score0.0018EPSS