The host is installed with Atlassian Jira Server before 8.5.10 or 8.6.0 before 8.13.2 and is prone to an information disclosure vulnerability. A flaw is present in the application which fails to properly handle issues in board metadata. Successful exploitation could allow remote attackers to view the metadata of boards they should not have access to via an Insecure Direct Object References (IDOR) ...
The host is installed with Atlassian Jira Server before 8.5.11, 8.6.0 before 8.13.3 or 8.14.0 before 8.15.0 and is prone to an information disclosure vulnerability. A flaw is present in the application which fails to properly handle issues in CachingResourceDownloadRewriteRule class. Successful exploitation could allow remote attackers to read arbitrary files within WEB-INF and META-INF directorie ...
The host is installed with Atlassian Jira Server before 8.5.11, 8.6.0 before 8.13.3 or 8.14.0 before 8.14.1 and is prone to an information disclosure vulnerability. A flaw is present in the application which fails to properly handle issues in Jira Projects plugin report page. Successful exploitation could allow remote attackers to enumerate Jira projects in the Jira Projects plugin report page.
The host is installed with Atlassian Jira Server before 8.5.9, 8.6.0 before 8.12.3 or 8.13.0 before 8.13.1 and is prone to a cross-site scripting vulnerability. A flaw is present in the application which fails to properly handle issues in Jira issue filter export files. Successful exploitation could allow remote attackers to inject arbitrary HTML or JavaScript.
The host is installed with Atlassian Jira Server before 8.5.4, 8.6.0 before 8.7.0 or 8.7.0 before 8.7.1 and is prone to a cross site scripting (XSS) vulnerability. A flaw is present in the application which fails to properly handle issues in file upload feature. Successful exploitation could allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting.
The host is installed with Atlassian Jira Server before 7.13.4, 8.5.0 before 8.5.5, 8.8.0 before 8.8.2 or 8.9.0 before 8.9.1 and is prone to Man-in-the-middle vulnerability. A flaw is present in the application which fails to properly handle issues in email client. Successful exploitation could allow remote attackers to access outgoing emails between a Jira instance and the SMTP server via man-in- ...
The host is installed with Atlassian Jira Server before 7.13.4, 8.5.0 before 8.5.5, 8.8.0 before 8.8.2 or 8.9.0 before 8.9.1 and is prone to a denial of service vulnerability. A flaw is present in the application which fails to properly handle issues in Dashboard and Gadgets. Successful exploitation could allow remote attackers to impact the application's availability via a Denial of Service (DoS) ...
The host is installed with Atlassian Jira Server before 7.13.4, 8.0.0 before 8.2.2 and is prone to an information disclosure vulnerability. A flaw is present in the application which fails to properly handle issues in login.jsp resource. Successful exploitation could allow remote attackers to enumerate usernames via an information disclosure.
The host is installed with Atlassian Jira Server 7.13.4, 8.0.0 before 8.0.4 or 8.1.0 before 8.1.1 and is prone to an authorisation bypass_vulnerability. A flaw is present in the application which fails to properly handle issues in ViewUpgrades resource. Successful exploitation could allow remote attackers to access the ViewUpgrades administrative resource without needing to re-authenticate to pass ...
The host is installed with Atlassian Jira Server before 7.13.4, 8.0.0 before 8.0.4 or 8.1.0 before 8.1.1 and is prone to an information disclosure vulnerability. A flaw is present in the application which fails to properly handle issues in CachingResourceDownloadRewriteRule class. Successful exploitation could allow remote attackers to access files in the Jira webroot under the META-INF directory ...