[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253164

 
 

909

 
 

197077

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 26369 Download | Alert*

The host is installed with Atlassian Jira Server before 8.5.2, 8.6.0 before 8.6.1 and is prone to a Open Redirect. A flaw is present in the application which fails to properly handle issues in os_destination parameter. Successful exploitation could allow remote attackers to redirect users to a different website which they may use as part of performing a phishing attack via an open redirect in the ...

The host is installed with Atlassian Jira Server before 8.5.4 or 8.6.0 before 8.6.1 and is prone to a denial of service. A flaw is present in the application which fails to properly handle issues in Gadget API. Successful exploitation could allow remote attackers to make Jira unresponsive via repeated requests to a certain endpoint in the Gadget API.

The host is installed with Atlassian Jira Server before 8.13.12, or 8.14.0 before 8.20.0 and is prone to an insecure direct object references (IDOR) vulnerability. A flaw is present in the application which fails to properly handle the Workload Pie Chart Gadget. Successful exploitation could allow remote attackers to view the names of private projects and private filters.

The host is installed with Atlassian Jira Server before 8.13.12, or 8.14.0 before 8.20.0 and is prone to an insecure direct object references (IDOR) vulnerability. A flaw is present in the application which fails to properly handle the Average Time in Status Gadget. Successful exploitation could allow remote attackers to view private project and filter names.

The host is installed with Atlassian Jira Server before 8.5.10, or 8.6.0 before 8.13.1 and is prone to a broken access control vulnerability. A flaw is present in the application which fails to properly handle the query component JQL endpoint. Successful exploitation could allow remote attackers to access the query component JQL Endpoint.

The host is installed with Atlassian Jira Server before 8.5.10, or 8.6.0 before 8.13.1 and is prone to a username enumeration vulnerability. A flaw is present in the application which fails to properly handle the password reset page. Successful exploitation could allow remote attackers to discover the usernames of users.

The host is installed with Atlassian Jira Server before 8.5.13, 8.6.0 before 8.13.5, or 8.14.0 before 8.15.1 and is prone to an information disclosure vulnerability. A flaw is present in the application which fails to properly handle the /rest/api/2/search endpoint. Successful exploitation could allow remote attackers to view users' emails.

The host is installed with Atlassian Jira Server before 8.5.18, 8.6.0 before 8.13.10, or 8.14.0 before 8.18.2 and is prone to an information disclosure vulnerability. A flaw is present in the application which fails to properly handle the /rest/api/latest/projectvalidate/key endpoint. Successful exploitation could allow remote attackers to enumerate the keys of private jira projects.

The host is installed with Atlassian Jira Server before 8.13.9, or 8.14.0 before 8.18.0 and is prone to a broken access control vulnerability. A flaw is present in the application which fails to properly handle the allowlist feature. Successful exploitation could allow remote attackers to continue to view cached content even after losing permissions.

The host is installed with Atlassian Jira Server before 8.5.15, 8.6.0 before 8.13.7, 8.14.0 before 8.17.1, or 8.18.0 before 8.18.1 and is prone to a reverse tabnapping vulnerability. A flaw is present in the application which fails to properly handle the Project Shortcuts feature. Successful exploitation could allow remote attackers to redirect users to a malicious URL.


Pages:      Start    1716    1717    1718    1719    1720    1721    1722    1723    1724    1725    1726    1727    1728    1729    ..   2636

© SecPod Technologies