Atlassian vulnerabilities
399 results

CVE-2020-14179 | — | Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated attackers to view custom field names and custom SLA | EPSS 76.0%
CVE-2017-9506 | — | The IconUriServlet of the Atlassian OAuth Plugin from version 1.3.0 before version 1.9.12 and from version 2.0.0 before version 2.0.4 allows | EPSS 71.6%
CVE-2022-26133 | CRITICAL | SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5.14.0 and later before 7.6.14, 7.7.0 and later prior to 7.17.6 | EPSS 71.4%
CVE-2022-26135 | MEDIUM | A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated user (including a user who joined via the si | EPSS 71.2%
CVE-2022-36801 | MEDIUM | Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to inject arbitrary HTML or JavaScript via a Ref | EPSS 64.9%
CVE-2019-8442 | — | The CachingResourceDownloadRewriteRule class in Jira before version 7.13.4, and from version 8.0.0 before version 8.0.4, and from version 8. | EPSS 59.8%
CVE-2021-43942 | — | Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Reflected Cro | EPSS 55.4%
CVE-2019-3403 | — | The /rest/api/2/user/picker rest resource in Jira before version 7.13.3, from version 8.0.0 before version 8.0.4, and from version 8.1.0 bef | EPSS 52.6%
CVE-2020-36239 | CRITICAL | Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5.16, from 8.6.0 before 8.13.8, from 8.14.0 b | EPSS 48.9%
CVE-2022-36799 | HIGH | This issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been implemented. Af | EPSS 44.6%
CVE-2021-26072 | — | The WidgetConnector plugin in Confluence Server and Confluence Data Center before version 5.8.6 allowed remote attackers to manipulate the c | EPSS 38.8%
CVE-2018-5230 | — | The issue collector in Atlassian Jira before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0 before version 7.8.4 | EPSS 37.6%
CVE-2018-20824 | — | The WallboardServlet resource in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site | EPSS 37.6%
CVE-2023-22524 | CRITICAL | Certain versions of the Atlassian Companion App for MacOS were affected by a remote code execution vulnerability. An attacker could utilize | EPSS 24.7%
CVE-2020-29453 | — | The CachingResourceDownloadRewriteRule class in Jira Server and Jira Data Center before version 8.5.11, from 8.6.0 before 8.13.3, and from 8 | EPSS 23.1%
CVE-2019-8446 | — | The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2 allows remote attackers to enumerate usernames via an incorrect author | EPSS 17.5%
CVE-2023-22501 | CRITICAL | An authentication vulnerability was discovered in Jira Service Management Server and Data Center which allows an attacker to impersonate ano | EPSS 16.0%
CVE-2023-22513 | HIGH | This High severity RCE (Remote Code Execution) vulnerability was introduced in version 8.0.0 of Bitbucket Data Center and Server. This RCE ( | EPSS 14.3%
CVE-2023-22512 | HIGH | This High severity DoS (Denial of Service) vulnerability was introduced in version 5.6.0 of Confluence Data Center and Server. With a CVSS S | EPSS 13.7%
CVE-2023-22522 | CRITICAL | This Template Injection vulnerability allows an authenticated attacker, including one with anonymous access, to inject unsafe user input int | EPSS 12.8%