Vulnerabilidades em Atlassian

399 resultados
CVE-2017-18084The usermacros resource in Atlassian Confluence Server before version 6.3.4 allows remote attackers to inject arbitrary HTML or JavaScript vEPSS 0.6%CVE-2021-43941Affected versions of Atlassian Jira Server and Data Center allow remote attackers to modify several resources (including CsvFieldMappingsPagEPSS 0.6%CVE-2021-26083Export HTML Report in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8EPSS 0.6%CVE-2017-18034The source browse resource in Atlassian Fisheye and Crucible before version 4.5.1 and 4.6.0 allows allows remote attackers that have write aEPSS 0.6%CVE-2019-15007The review resource in Atlassian Fisheye and Crucible before version 4.7.3 allows remote attackers to inject arbitrary HTML or JavaScript viEPSS 0.6%CVE-2017-16857It is possible to bypass the bitbucket auto-unapprove plugin via minimal brute-force because it is relying on asynchronous events on the bacEPSS 0.6%CVE-2017-18083The editinword resource in Atlassian Confluence Server before version 6.4.0 allows remote attackers to inject arbitrary HTML or JavaScript vEPSS 0.6%CVE-2018-5229The NotificationRepresentationFactoryImpl class in Atlassian Universal Plugin Manager before version 2.22.9 allows remote attackers to injecEPSS 0.6%CVE-2017-18082The plan configure branches resource in Atlassian Bamboo before version 6.2.3 allows remote attackers to inject arbitrary HTML or JavaScriptEPSS 0.6%CVE-2019-20416Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scEPSS 0.6%CVE-2021-43959Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to access the content of EPSS 0.6%CVE-2017-16858The 'crowd-application' plugin module (notably used by the Google Apps plugin) in Atlassian Crowd from version 1.5.0 before version 3.1.2 alEPSS 0.6%CVE-2020-36290The Livesearch macro in Confluence Server and Data Center before version 7.4.5, from version 7.5.0 before 7.6.3, and from version 7.7.0 befoEPSS 0.6%CVE-2020-4018The setup resources in Atlassian Fisheye and Crucible before version 4.8.1 allows remote attackers to complete the setup process via a crossEPSS 0.6%CVE-2020-14171Atlassian Bitbucket Server from version 4.9.0 before version 7.2.4 allows remote attackers to intercept unencrypted repository import requesEPSS 0.6%CVE-2017-18033The Jira-importers-plugin in Atlassian Jira before version 7.6.1 allows remote attackers to create new projects and abort an executing exterEPSS 0.6%CVE-2022-36803HIGHThe MasterUserEdit API in Atlassian Jira Align Server before version 10.109.2 allows An authenticated attacker with the People role permissiEPSS 0.6%CVE-2019-14999The Uninstall REST endpoint in Atlassian Universal Plugin Manager before version 2.22.19, from version 3.0.0 before version 3.0.3 and from vEPSS 0.6%CVE-2021-43945Affected versions of Atlassian Jira Server and Data Center allow remote attackers with Roadmaps Administrator permissions to inject arbitrarEPSS 0.6%CVE-2019-20405The JMX monitoring flag in Atlassian Jira Server and Data Center before version 8.6.0 allows remote attackers to turn the JMX monitoring flaEPSS 0.6%