Vulnerabilities for Jira core (...) - CXSECURITY.COM

Vulnerabilities for 'Jira core'

2022-04-20

CVE-2022-0540

CWE-287

A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0.

2016-01-08

CVE-2015-8481

Atlassian JIRA Software 7.0.3, JIRA Core 7.0.3, and the bundled JIRA Service Desk 3.0.3 installer attaches the wrong image to e-mail notifications when a user views an issue with inline wiki markup referencing an image attachment, which might allow remote attackers to obtain sensitive information by updating a different issue that includes wiki markup for an external image reference.

>>> Vendor: Atlassian 44 Products

Jira service desk

Jira integration for hipchat

Bitbucket auto unapprove plugin

Bitbucket server

Floodlight controller

Application links

Universal plugin manager

Jira service desk server

Troubleshooting and support

Saml single sign on

Subversion application lifecycle management

Jira software data center

Navigator links

Alfresco enterprise content management

Connect express

Connect spring boot

Jira server and data center

Jira service management

Confluence data center

Confluence server

Bitbucket data center

Jira data center

Assets discovery data server

Assets discovery data center

Assets discovery cloud

Copyright 2024, cxsecurity.com