Atlassian Vulnerabilities
399 results

CVE-2017-16861 | — | It was possible for double OGNL evaluation in certain redirect action and in WebWork URL and Anchor tags in JSP files to occur. An attacker | EPSS 2.0%
CVE-2017-9512 | HIGH | The mostActiveCommitters.do resource in Atlassian Fisheye and Crucible, before version 4.4.1 allows anonymous remote attackers to access sen | EPSS 2.0%
CVE-2021-26070 | — | Affected versions of Atlassian Jira Server and Data Center allow remote attackers to evade behind-the-firewall protection of app-linked reso | EPSS 2.0%
CVE-2018-13396 | — | There was an argument injection vulnerability in Sourcetree for macOS from version 1.0b2 before version 3.0.0 via Git subrepositories in Mer | EPSS 1.9%
CVE-2020-14166 | — | The /servicedesk/customer/portals resource in Jira Service Desk Server and Data Center before version 4.10.0 allows remote attackers with pr | EPSS 1.9%
CVE-2019-15006 | — | There was a man-in-the-middle (MITM) vulnerability present in the Confluence Previews plugin in Confluence Server and Confluence Data Center | EPSS 1.9%
CVE-2019-20412 | — | The Convert Sub-Task to Issue page in affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate the fol | EPSS 1.9%
CVE-2019-20897 | — | The avatar upload feature in affected versions of Atlassian Jira Server and Data Center allows remote attackers to achieve Denial of Service | EPSS 1.9%
CVE-2017-14589 | — | It was possible for double OGNL evaluation in FreeMarker templates through Struts FreeMarker tags to occur. An attacker who has restricted a | EPSS 1.9%
CVE-2020-14185 | — | Affected versions of Jira Server allow remote unauthenticated attackers to enumerate issue keys via a missing permissions check in the Actio | EPSS 1.9%
CVE-2019-20410 | — | Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view sensitive information via an Information Disclosur | EPSS 1.9%
CVE-2022-26137 | HIGH | A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause additional Servlet Filters to be invoked w | EPSS 1.9%
CVE-2021-39128 | HIGH | Affected versions of Atlassian Jira Server or Data Center using the Jira Service Management addon allow remote attackers with JIRA Administr | EPSS 1.8%
CVE-2018-20233 | — | The Upload add-on resource in Atlassian Universal Plugin Manager before version 2.22.14 allows remote attackers who have system administrato | EPSS 1.8%
CVE-2021-39113 | HIGH | Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to continue to view cached content even after lo | EPSS 1.8%
CVE-2019-8448 | — | The login.jsp resource in Jira before version 7.13.4, and from version 8.0.0 before version 8.2.2 allows remote attackers to enumerate usern | EPSS 1.8%
CVE-2023-22506 | HIGH | This High severity Injection and RCE (Remote Code Execution) vulnerability known as CVE-2023-22506 was introduced in version 8.0.0 of Bamboo | EPSS 1.8%
CVE-2017-18113 | HIGH | The DefaultOSWorkflowConfigurator class in Jira Server and Jira Data Center before version 8.18.1 allows remote attackers who can trick a sy | EPSS 1.8%
CVE-2018-13391 | — | The ProfileLinkUserFormat component of Jira Server before version 7.6.8, from version 7.7.0 before version 7.7.5, from version 7.8.0 before | EPSS 1.8%
CVE-2017-18087 | — | The download commit resource in Atlassian Bitbucket Server from version 5.1.0 before version 5.1.7, from version 5.2.0 before version 5.2.5, | EPSS 1.8%