Jira Security Vulnerabilities and Issues — Jira CVE List

Lucene search

AtlassianJira

3 matches found

CVE•added 2022/01/06 1:15 a.m.•112 views

CVE-2021-43947

Affected versions of Atlassian Jira Server and Data Center allow remote attackers with administrator privileges to execute arbitrary code via a Remote Code Execution (RCE) vulnerability in the Email Templates feature. This issue bypasses the fix of https://jira.atlassian.com/browse/JSDSERVER-8665. ...

9CVSS7.4AI score0.01812EPSS

CVE•added 2022/02/15 3:15 a.m.•111 views

CVE-2021-43953

Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to toggle the Thread Contention and CPU monitoring settings via a Cross-Site Request Forgery (CSRF) vulnerability in the /secure/admin/ViewInstrumentation.jspa endpoint. The affected versions are befor...

4.3CVSS4.7AI score0.00321EPSS

CVE•added 2022/02/28 1:15 a.m.•99 views

CVE-2021-43945

Affected versions of Atlassian Jira Server and Data Center allow remote attackers with Roadmaps Administrator permissions to inject arbitrary HTML or JavaScript via a Stored Cross-Site Scripting (SXSS) vulnerability in the /rest/jpo/1.0/hierarchyConfiguration endpoint. The affected versions are bef...

4.8CVSS4.9AI score0.00215EPSS