Atlassian

Data Center

38 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2020-36238

  • EPSS 0.6%
  • Veröffentlicht 01.04.2021 03:15:13
  • Zuletzt bearbeitet 21.11.2024 05:29:07

The /rest/api/1.0/render resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to determine if a username is valid or n...

7.2

CVE-2021-26070

  • EPSS 0.85%
  • Veröffentlicht 22.03.2021 05:15:13
  • Zuletzt bearbeitet 21.11.2024 05:55:48

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to evade behind-the-firewall protection of app-linked resources via a Broken Authentication vulnerability in the `makeRequest` gadget resource. The affected versions ar...

5.3

CVE-2021-26069

  • EPSS 2.47%
  • Veröffentlicht 22.03.2021 05:15:12
  • Zuletzt bearbeitet 21.11.2024 05:55:48

Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to download temporary files and enumerate project keys via an Information Disclosure vulnerability in the /rest/api/1.0/issues/{id}/ActionsAndOperations...

5.3

CVE-2020-29453

  • EPSS 82.63%
  • Veröffentlicht 22.02.2021 21:15:19
  • Zuletzt bearbeitet 21.11.2024 05:24:01

The CachingResourceDownloadRewriteRule class in Jira Server and Jira Data Center before version 8.5.11, from 8.6.0 before 8.13.3, and from 8.14.0 before 8.15.0 allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-I...

4.3

CVE-2020-29451

  • EPSS 0.16%
  • Veröffentlicht 15.02.2021 01:15:12
  • Zuletzt bearbeitet 21.11.2024 05:24:01

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate Jira projects via an Information Disclosure vulnerability in the Jira Projects plugin report page. The affected versions are before version 8.5.11, from ve...

5.3

CVE-2020-36237

  • EPSS 0.81%
  • Veröffentlicht 15.02.2021 00:15:12
  • Zuletzt bearbeitet 21.11.2024 05:29:07

Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view custom field options via an Information Disclosure vulnerability in the /rest/api/2/customFieldOption/ endpoint. The affected versions are befor...

4.8

CVE-2020-36234

  • EPSS 0.23%
  • Veröffentlicht 15.02.2021 00:15:12
  • Zuletzt bearbeitet 21.11.2024 05:29:06

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the Screens Modal view. The affected versions are before version 8.5.11, from v...

5.3

CVE-2020-14181

Exploit
  • EPSS 93.12%
  • Veröffentlicht 17.09.2020 01:15:11
  • Zuletzt bearbeitet 21.11.2024 05:02:49

Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the /ViewUserHover.jspa endpoint. The affected versions are before version 7.13.6, from version...