The host is installed with Atlassian Jira Server before 7.13.2 or 8.0.0 before 8.0.2 and is prone to a cross-site scripting vulnerability. A flaw is present in the application which fails to properly handle issues in the labels gadget. Successful exploitation could allow remote attackers to inject arbitrary HTML or JavaScript via a cross-site scripting (XSS) vulnerability in the jql parameter.

The host is installed with Atlassian Jira Server before 7.13.2 or 8.0.0 before 8.0.2 and is prone to an incorrect authorization vulnerability. A flaw is present in the application which fails to properly handle issues in the BrowseProjects.jspa resource. Successful exploitation could allow remote attackers to see information for archived projects through a missing authorisation check.

The host is installed with Atlassian Jira Server before 8.5.2, or 8.6.0 before 8.6.1 and is prone to an open redirect vulnerability. A flaw is present in the application which fails to properly handle issues in the os_destination parameter. Successful exploitation could allow remote attackers to redirect users to a different website which they may use as part of performing a phishing attack via an open redirect in the ...

The host is installed with Atlassian Jira Server before 8.5.4 or 8.6.0 before 8.6.1 and is prone to a denial of service vulnerability. A flaw is present in the application which fails to properly handle issues in the Gadget API. Successful exploitation could allow remote attackers to make Jira unresponsive via repeated requests to a certain endpoint in the Gadget API.

The host is installed with Atlassian Jira Server before 8.13.12, or 8.14.0 before 8.20.0 and is prone to an insecure direct object reference (IDOR) vulnerability. A flaw is present in the application which fails to properly handle the Workload Pie Chart Gadget. Successful exploitation could allow remote attackers to view the names of private projects and private filters.

The host is installed with Atlassian Jira Server before 8.13.12, or 8.14.0 before 8.20.0 and is prone to an insecure direct object reference (IDOR) vulnerability. A flaw is present in the application which fails to properly handle the Average Time in Status Gadget. Successful exploitation could allow remote attackers to view private project and filter names.

The host is installed with Atlassian Jira Server before 8.5.10, or 8.6.0 before 8.13.1 and is prone to a broken access control vulnerability. A flaw is present in the application which fails to properly handle the query component JQL endpoint. Successful exploitation could allow remote attackers to access the query component JQL endpoint.

The host is installed with Atlassian Jira Server before 8.5.10, or 8.6.0 before 8.13.1 and is prone to a username enumeration vulnerability. A flaw is present in the application which fails to properly handle the password reset page. Successful exploitation could allow remote attackers to discover the usernames of users.

The host is installed with Atlassian Jira Server before 8.5.13, 8.6.0 before 8.13.5, or 8.14.0 before 8.15.1 and is prone to an information disclosure vulnerability. A flaw is present in the application which fails to properly handle the /rest/api/2/search endpoint. Successful exploitation could allow remote attackers to view users' emails.

The host is installed with Atlassian Jira Server before 8.5.18, 8.6.0 before 8.13.10, or 8.14.0 before 8.18.2 and is prone to an information disclosure vulnerability. A flaw is present in the application which fails to properly handle the /rest/api/latest/projectvalidate/key endpoint. Successful exploitation could allow remote attackers to enumerate the keys of private Jira projects.



© SecPod Technologies