Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
AtlassianJira

3 matches found

CVE
CVEadded 2009/06/08 7:30 p.m.41 views

CVE-2008-6831

Multiple cross-site scripting (XSS) vulnerabilities in Atlassian JIRA Enterprise Edition 3.13 allow remote attackers to inject arbitrary web script or HTML via the (1) fullname (Full Name) parameter in the ViewProfile page or (2) returnUrl parameter in a form, as demonstrated using secure/AddCommen...

4.3CVSS5.8AI score0.00485EPSS
CVE
CVEadded 2009/03/26 9:0 p.m.37 views

CVE-2008-6531

The WebWork 1 web application framework in Atlassian JIRA before 3.13.2 allows remote attackers to invoke exposed public JIRA methods via a crafted URL that is dynamically transformed into method calls, aka "WebWork 1 Parameter Injection Hole."

6.8CVSS7.1AI score0.00641EPSS
CVE
CVEadded 2009/06/08 7:30 p.m.37 views

CVE-2008-6832

Cross-site request forgery (CSRF) vulnerability in Atlassian JIRA Enterprise Edition 3.13 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party informatio...

6.8CVSS7AI score0.00142EPSS