Vulnerabilities in Atlassian
399 results

CVE-2020-4023 — The review coverage resource in Atlassian Fisheye and Crucible before version 4.8.2 allows remote attackers to inject arbitrary HTML or Java (EPSS 0.8%)
CVE-2020-14193 — Affected versions of Automation for Jira - Server allowed remote attackers to read and render files as mustache templates in files inside th (EPSS 0.8%)
CVE-2019-20402 — Support zip files in Atlassian Jira Server and Data Center before version 8.6.0 could be downloaded by a System Administrator user without r (EPSS 0.8%)
CVE-2020-4014 — The /profile/deleteWatch.do resource in Atlassian Fisheye and Crucible before version 4.8.1 allows remote attackers to remove another user's (EPSS 0.8%)
CVE-2020-14169 — The quick search component in Atlassian Jira Server and Data Center before 8.9.1 allows remote attackers to inject arbitrary HTML or JavaScr (EPSS 0.8%)
CVE-2018-20827 — The activity stream gadget in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scr (EPSS 0.8%)
CVE-2021-39119 MEDIUM Affected versions of Atlassian Jira Server and Data Center allow users who have watched an issue to continue receiving updates on the issue (EPSS 0.8%)
CVE-2020-4026 — The CustomAppsRestResource list resource in Atlassian Navigator Links before version 3.3.23, from version 4.0.0 before version 4.3.7, from v (EPSS 0.8%)
CVE-2023-22504 MEDIUM Affected versions of Atlassian Confluence Server allow remote attackers who have read permissions to a page, but not write permissions, to u (EPSS 0.7%)
CVE-2024-21687 HIGH This High severity File Inclusion vulnerability was introduced in versions 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0 and 9.6.0 of Bamboo Data (EPSS 0.7%)
CVE-2019-20099 — The VerifyPopServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site r (EPSS 0.7%)
CVE-2019-15008 — The /plugins/servlet/branchreview resource in Atlassian Fisheye and Crucible before version 4.7.3 allows remote attackers to inject arbitrar (EPSS 0.7%)
CVE-2021-43954 — The DefaultRepositoryAdminService class in Fisheye and Crucible before version 4.8.9 allowed remote attackers, who have 'can add repository (EPSS 0.7%)
CVE-2021-26082 — The XML Export in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14. (EPSS 0.7%)
CVE-2019-15009 — The /json/profile/removeStarAjax.do resource in Atlassian Fisheye and Crucible before version 4.8.0 allows remote attackers to remove anothe (EPSS 0.7%)
CVE-2020-14164 — The WYSIWYG editor resource in Jira Server and Data Center before version 8.8.2 allows remote attackers to inject arbitrary HTML or JavaScri (EPSS 0.7%)
CVE-2021-39112 — Affected versions of Atlassian Jira Server and Data Center allow remote attackers to redirect users to a malicious URL via a reverse tabnapp (EPSS 0.7%)
CVE-2024-21697 HIGH This High severity RCE (Remote Code Execution) vulnerability was introduced in versions 4.2.8 of Sourcetree for Mac and 3.4.19 for Sourcetre (EPSS 0.7%)
CVE-2024-21690 HIGH This High severity Reflected XSS and CSRF (Cross-Site Request Forgery) vulnerability was introduced in versions 7.19.0, 7.20.0, 8.0.0, 8.1.0 (EPSS 0.7%)
CVE-2021-39126 — Affected versions of Atlassian Jira Server and Data Center allow remote attackers to modify various resources via a Cross-Site Request Forge (EPSS 0.7%)