Vulnerabilities in Atlassian
399 results

CVE | Severity | Description | EPSS
CVE-2024-21677 | HIGH | This High severity Path Traversal vulnerability was introduced in version 6.13.0 of Confluence Data Center. This Path Traversal vulnerabilit | EPSS 0.9%
CVE-2020-4024 | — | The attachment download resource in Atlassian Jira Server and Data Center before 8.5.5, and from 8.6.0 before 8.8.2, and from 8.9.0 before 8 | EPSS 0.9%
CVE-2017-16860 | — | The invalidRedirectUrl template in Atlassian Application Links before version 5.2.7, from version 5.3.0 before version 5.3.4 and from versio | EPSS 0.9%
CVE-2017-18102 | — | The wiki markup component of atlassian-renderer from version 8.0.0 before version 8.0.22 allows remote attackers to inject arbitrary HTML or | EPSS 0.9%
CVE-2019-8444 | — | The wikirenderer component in Jira before version 7.13.6, and from version 8.0.0 before version 8.3.2 allows remote attackers to inject arbi | EPSS 0.9%
CVE-2019-20900 | — | Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site sc | EPSS 0.9%
CVE-2020-4025 | — | The attachment download resource in Atlassian Jira Server and Data Center The attachment download resource in Atlassian Jira Server and Data | EPSS 0.9%
CVE-2019-15011 | — | The ListEntityLinksServlet resource in Application Links before version 5.0.12, from version 5.1.0 before version 5.2.11, from version 5.3.0 | EPSS 0.9%
CVE-2018-20232 | — | The labels widget gadget in Atlassian Jira before version 7.6.11 and from version 7.7.0 before version 7.13.1 allows remote attackers to inj | EPSS 0.9%
CVE-2021-26079 | — | The CardLayoutConfigTable component in Jira Server and Jira Data Center before version 8.5.15, and from version 8.6.0 before version 8.13.7, | EPSS 0.9%
CVE-2018-20241 | — | The Edit upload resource for a review in Atlassian Fisheye and Crucible before version 4.7.0 allows remote attackers to inject arbitrary HTM | EPSS 0.9%
CVE-2017-18036 | — | The Github repository importer in Atlassian Bitbucket Server before version 5.3.0 allows remote attackers to determine if a service they cou | EPSS 0.9%
CVE-2017-18098 | — | The searchrequest-xml resource in Atlassian Jira before version 7.6.1 allows remote attackers to inject arbitrary HTML or JavaScript via a c | EPSS 0.9%
CVE-2021-26073 | HIGH | Broken Authentication in Atlassian Connect Express (ACE) from version 3.0.2 before version 6.6.0: Atlassian Connect Express is a Node.js pac | EPSS 0.9%
CVE-2024-21686 | HIGH | This High severity Stored XSS vulnerability was introduced in versions 7.13 of Confluence Data Center and Server. This Stored XSS vulnerabi | EPSS 0.9%
CVE-2017-18093 | — | Various resources in Atlassian Fisheye and Crucible before version 4.4.3 (the fixed version for 4.4.x) and before 4.5.0 allow remote attacke | EPSS 0.9%
CVE-2018-20240 | — | The administrative linker functionality in Atlassian Fisheye and Crucible before version 4.7.0 allows remote attackers to inject arbitrary H | EPSS 0.9%
CVE-2022-43782 | CRITICAL | Affected versions of Atlassian Crowd allow an attacker to authenticate as the crowd application via security misconfiguration and subsequent | EPSS 0.9%
CVE-2020-14173 | — | The file upload feature in Atlassian Jira Server and Data Center in affected versions allows remote attackers to inject arbitrary HTML or Ja | EPSS 0.9%
CVE-2019-8450 | — | Various templates of the Optimization plugin in Jira before version 7.13.6, and from version 8.0.0 before version 8.4.0 allow remote attacke | EPSS 0.9%