The host is installed with Atlassian Jira Server before 8.5.4, 8.6.0 before 8.7.0 or 8.7.0 before 8.7.1 and is prone to a cross site scripting (XSS) vulnerability. A flaw is present in the application which fails to properly handle issues in file upload feature. Successful exploitation could allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting.
The host is installed with Atlassian Jira Server before 7.13.4, 8.5.0 before 8.5.5, 8.8.0 before 8.8.2 or 8.9.0 before 8.9.1 and is prone to Man-in-the-middle vulnerability. A flaw is present in the application which fails to properly handle issues in email client. Successful exploitation could allow remote attackers to access outgoing emails between a Jira instance and the SMTP server via man-in- ...
The host is installed with Atlassian Jira Server before 7.13.4, 8.5.0 before 8.5.5, 8.8.0 before 8.8.2 or 8.9.0 before 8.9.1 and is prone to a denial of service vulnerability. A flaw is present in the application which fails to properly handle issues in Dashboard and Gadgets. Successful exploitation could allow remote attackers to impact the application's availability via a Denial of Service (DoS) ...
The host is installed with Atlassian Jira Server before 7.13.4, 8.0.0 before 8.2.2 and is prone to an information disclosure vulnerability. A flaw is present in the application which fails to properly handle issues in login.jsp resource. Successful exploitation could allow remote attackers to enumerate usernames via an information disclosure.
The host is installed with Atlassian Jira Server 7.13.4, 8.0.0 before 8.0.4 or 8.1.0 before 8.1.1 and is prone to an authorisation bypass_vulnerability. A flaw is present in the application which fails to properly handle issues in ViewUpgrades resource. Successful exploitation could allow remote attackers to access the ViewUpgrades administrative resource without needing to re-authenticate to pass ...
The host is installed with Atlassian Jira Server before 7.13.4, 8.0.0 before 8.0.4 or 8.1.0 before 8.1.1 and is prone to an information disclosure vulnerability. A flaw is present in the application which fails to properly handle issues in CachingResourceDownloadRewriteRule class. Successful exploitation could allow remote attackers to access files in the Jira webroot under the META-INF directory ...
The host is installed with Atlassian Jira_Server before 7.13.3, 8.0.0 before 8.0.4 or 8.1.0 before 8.1.1 and is prone to an information disclosure vulnerability. A flaw is present in the application which fails to properly handle issues in /rest/api/2/user/picker rest resource. Successful exploitation could allow remote attackers to enumerate usernames via an incorrect authorisation check.
The host is installed with Atlassian Jira_Server before 7.13.3 or 8.0.0 before 8.1.1 and is prone to a cross-site scripting vulnerability. A flaw is present in the application which fails to properly handle issues in ConfigurePortalPages.jspa. Successful exploitation could allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the searchOwne ...
The host is installed with Atlassian Jira Server 7.13.3 or 8.0.0 before 8.1.1 and is prone to an incorrect authorization vulnerability. A flaw is present in the application which fails to properly handle issues in ManageFilters.jspa resource. Successful exploitation could allow remote attackers to enumerate usernames via an incorrect authorisation check.
The host is installed with Atlassian Jira_Server before 7.13.2 or 8.0.0 before 8.0.2 and is prone to a cross-site scripting vulnerability. A flaw is present in the application which fails to properly handle issues in labels gadget. Successful exploitation could allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the jql parameter.