CVE-2021-43950
- EPSS 0.37%
- Veröffentlicht 15.02.2022 03:15:07
- Zuletzt bearbeitet 21.11.2024 06:30:04
Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view import source configuration information via a Broken Access Control vulnerability in the Insight Import Source feature. The aff...
CVE-2021-43949
- EPSS 0.32%
- Veröffentlicht 10.01.2022 16:15:09
- Zuletzt bearbeitet 21.11.2024 06:30:04
Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view private objects via a Broken Access Control vulnerability in the Custom Fields feature. The affected versions are before versio...
CVE-2021-43951
- EPSS 0.32%
- Veröffentlicht 10.01.2022 16:15:09
- Zuletzt bearbeitet 21.11.2024 06:30:04
Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view object import configuration details via an Information Disclosure vulnerability in the Create Object type mapping feature. The ...
- EPSS 25.74%
- Veröffentlicht 01.09.2021 23:15:07
- Zuletzt bearbeitet 21.11.2024 06:18:36
Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers with "Jira Administrators" access to execute arbitrary Java code or run arbitrary system commands via a Server_Side Template Injection vulnerability ...
CVE-2020-36239
- EPSS 16.17%
- Veröffentlicht 29.07.2021 11:15:07
- Zuletzt bearbeitet 21.11.2024 05:29:07
Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5.16, from 8.6.0 before 8.13.8, from 8.14.0 before 8.17.0 and Jira Service Management Data Center from version 2.0.2 before 4.5.16, from version 4.6.0 befo...
CVE-2019-13990
- EPSS 7.95%
- Veröffentlicht 26.07.2019 19:15:11
- Zuletzt bearbeitet 21.11.2024 04:25:50
initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.