The host is installed with Atlassian Jira Server before 8.5.15, 8.6.0 before 8.13.7, 8.14.0 before 8.17.1, or 8.18.0 before 8.18.1 and is prone to a reverse tabnapping vulnerability. A flaw is present in the application which fails to properly handle the Project Shortcuts feature. Successful exploitation could allow remote attackers to redirect users to a malicious URL.
The host is installed with Atlassian Jira Server before 8.5.18, 8.6.0 before 8.13.10, or 8.14.0 before 8.18.2 and is prone to a cross-site scripting vulnerability. A flaw is present in the application which fails to properly handle the supplied content such as from a PDF when pasted into a field such as the description field. Successful exploitation could allow remote attackers to inject arbitrary ...
The host is installed with Atlassian Jira Server before 8.5.14, 8.6.0 before 8.13.6, or 8.14.0 before 8.16.1 and is prone to a cross-site scripting vulnerability. A flaw is present in the application which fails to properly handle the Export HTML Report feature. Successful exploitation could allow remote attackers to inject arbitrary html or javascript.
The host is installed with Atlassian Jira Server before 8.5.14, 8.6.0 before 8.13.6, or 8.14.0 before 8.17.0 and is prone to a stored XSS vulnerability. A flaw is present in the application which fails to properly handle the XML Export component. Successful exploitation could allow remote attackers to inject arbitrary html or javascript.
The host is installed with Atlassian Jira Server before 8.5.14, 8.6.0 before 8.13.6, or 8.14.0 before 8.16.1 and is prone to a username enumeration vulnerability. A flaw is present in the application which fails to properly handle a sensitive data exposure vulnerability in the '/rest/api/latest/user/avatar/temporary' endpoint. Successful exploitation could allow remote attackers to discover the us ...
The host is installed with Atlassian Jira Server before 8.5.15, 8.6.0 before 8.13.7, or 8.14.0 before 8.17.0 and is prone to a cross site scripting vulnerability. A flaw is present in the application which fails to properly handle the CardLayoutConfigTable component. Successful exploitation could allow remote attackers to inject arbitrary html or javascript.
The host is installed with Atlassian Jira Server before 8.5.14, 8.6.0 before 8.13.6, or 8.14.0 before 8.16.1 and is prone to a reflected XSS vulnerability. A flaw is present in the application which fails to properly handle the number range searcher component. Successful exploitation could allow remote attackers to inject arbitrary html or javascript.
The host is installed with Cacti 1.2.19 and is prone to an authentication bypass vulnerability. A flaw is present in the application, which fails to properly validate the PHP code in the web login functionality. Successful exploitation allows an attacker to use zero as the password.
The host is installed with MOVEit Transfer 11.1 before 11.1.3 and is prone to a missing authentication for critical function vulnerability. A flaw is present in the applications which fails to properly handle issues in SSH (SFTP) interface. Successful exploitation allow remote attackers to sign in without full credentials via the SSH (SFTP) interface. The vulnerability affects only certain SSH (S ...
The host is installed with MOVEit Transfer 11.1 before 11.1.3, 11.0 before 11.0.4 or 10.2.0 and less than 10.2.6 and is prone to a Multiple sql injection vulnerabilities vulnerability. A flaw is present in the applications which fails to properly handle issues in database. Successful exploitation allow remote attackers to to gain unauthorized access to MOVEit Transfer's database. Depending on the ...