Atlassian

Jira Data Center

79 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2020-14174

  • EPSS 0.26%
  • Veröffentlicht 13.07.2020 05:15:11
  • Zuletzt bearbeitet 21.11.2024 05:02:47

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view titles of a private project via an Insecure Direct Object References (IDOR) vulnerability in the Administration Permission Helper. The affected versions are bef...

4.8

CVE-2019-20900

  • EPSS 0.34%
  • Veröffentlicht 13.07.2020 01:15:13
  • Zuletzt bearbeitet 21.11.2024 04:39:38

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the Add Field module. The affected versions are before version 8.7.0.

5.3

CVE-2019-20899

  • EPSS 0.74%
  • Veröffentlicht 13.07.2020 01:15:13
  • Zuletzt bearbeitet 21.11.2024 04:39:38

The Gadget API in Atlassian Jira Server and Data Center in affected versions allows remote attackers to make Jira unresponsive via repeated requests to a certain endpoint in the Gadget API. The affected versions are before version 8.5.4, and from ver...

6.5

CVE-2019-20897

  • EPSS 0.83%
  • Veröffentlicht 13.07.2020 01:15:11
  • Zuletzt bearbeitet 21.11.2024 04:39:38

The avatar upload feature in affected versions of Atlassian Jira Server and Data Center allows remote attackers to achieve Denial of Service via a crafted PNG file. The affected versions are before version 8.5.4, from version 8.6.0 before 8.6.2, and ...

5.4

CVE-2020-14173

  • EPSS 0.28%
  • Veröffentlicht 03.07.2020 02:15:10
  • Zuletzt bearbeitet 21.11.2024 05:02:47

The file upload feature in Atlassian Jira Server and Data Center in affected versions allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability. The affected versions are before version 8.5.4, from ...

7.8

CVE-2019-20419

  • EPSS 0.82%
  • Veröffentlicht 03.07.2020 02:15:10
  • Zuletzt bearbeitet 21.11.2024 04:38:25

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to execute arbitrary code via a DLL hijacking vulnerability in Tomcat. The affected versions are before version 8.5.5, and from version 8.6.0 before 8.7.2.

5.4

CVE-2020-4024

  • EPSS 0.33%
  • Veröffentlicht 01.07.2020 02:15:12
  • Zuletzt bearbeitet 21.11.2024 05:32:10

The attachment download resource in Atlassian Jira Server and Data Center before 8.5.5, and from 8.6.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerabi...

6.1

CVE-2020-4022

  • EPSS 0.41%
  • Veröffentlicht 01.07.2020 02:15:12
  • Zuletzt bearbeitet 21.11.2024 05:32:10

The attachment download resource in Atlassian Jira Server and Data Center before 8.5.5, and from 8.6.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerabi...

4.8

CVE-2020-4025

  • EPSS 0.34%
  • Veröffentlicht 01.07.2020 02:15:12
  • Zuletzt bearbeitet 21.11.2024 05:32:10

The attachment download resource in Atlassian Jira Server and Data Center The attachment download resource in Atlassian Jira Server and Data Center before 8.5.5, and from 8.6.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to inje...

4.3

CVE-2020-4029

  • EPSS 0.39%
  • Veröffentlicht 01.07.2020 02:15:12
  • Zuletzt bearbeitet 21.11.2024 05:32:11

The /rest/project-templates/1.0/createshared resource in Atlassian Jira Server and Data Center before version 8.5.5, from 8.6.0 before 8.7.2, and from 8.8.0 before 8.8.1 allows remote attackers to enumerate project names via an improper authorization...