[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 26803 Download | Alert*

The host is installed with Atlassian Jira_Server before 7.13.3, 8.0.0 before 8.0.4 or 8.1.0 before 8.1.1 and is prone to an information disclosure vulnerability. A flaw is present in the application which fails to properly handle issues in /rest/api/2/user/picker rest resource. Successful exploitation could allow remote attackers to enumerate usernames via an incorrect authorisation check.

The host is installed with Atlassian Jira_Server before 7.13.3 or 8.0.0 before 8.1.1 and is prone to a cross-site scripting vulnerability. A flaw is present in the application which fails to properly handle issues in ConfigurePortalPages.jspa. Successful exploitation could allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the searchOwne ...

The host is installed with Atlassian Jira Server 7.13.3 or 8.0.0 before 8.1.1 and is prone to an incorrect authorization vulnerability. A flaw is present in the application which fails to properly handle issues in ManageFilters.jspa resource. Successful exploitation could allow remote attackers to enumerate usernames via an incorrect authorisation check.

The host is installed with Atlassian Jira_Server before 7.13.2 or 8.0.0 before 8.0.2 and is prone to a cross-site scripting vulnerability. A flaw is present in the application which fails to properly handle issues in labels gadget. Successful exploitation could allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the jql parameter.

The host is installed with Atlassian Jira Server before 7.13.2 or 8.0.0 before 8.0.2 and is prone to an incorrect authorization vulnerability. A flaw is present in the application which fails to properly handle issues in BrowseProjects.jspa resource. Successful exploitation could allow remote attackers to see information for archived projects through a missing authorisation check.

The host is installed with Atlassian Jira Server before 8.5.2, 8.6.0 before 8.6.1 and is prone to a Open Redirect. A flaw is present in the application which fails to properly handle issues in os_destination parameter. Successful exploitation could allow remote attackers to redirect users to a different website which they may use as part of performing a phishing attack via an open redirect in the ...

The host is installed with Atlassian Jira Server before 8.5.4 or 8.6.0 before 8.6.1 and is prone to a denial of service. A flaw is present in the application which fails to properly handle issues in Gadget API. Successful exploitation could allow remote attackers to make Jira unresponsive via repeated requests to a certain endpoint in the Gadget API.

The host is installed with Atlassian Jira Server before 8.13.12, or 8.14.0 before 8.20.0 and is prone to an insecure direct object references (IDOR) vulnerability. A flaw is present in the application which fails to properly handle the Workload Pie Chart Gadget. Successful exploitation could allow remote attackers to view the names of private projects and private filters.

The host is installed with Atlassian Jira Server before 8.13.12, or 8.14.0 before 8.20.0 and is prone to an insecure direct object references (IDOR) vulnerability. A flaw is present in the application which fails to properly handle the Average Time in Status Gadget. Successful exploitation could allow remote attackers to view private project and filter names.

The host is installed with Atlassian Jira Server before 8.5.10, or 8.6.0 before 8.13.1 and is prone to a broken access control vulnerability. A flaw is present in the application which fails to properly handle the query component JQL endpoint. Successful exploitation could allow remote attackers to access the query component JQL Endpoint.


Pages:      Start    1708    1709    1710    1711    1712    1713    1714    1715    1716    1717    1718    1719    1720    1721    ..   2680

© SecPod Technologies