shubs

2 exploits Active since Aug 2017

CVE-2022-26135 NOMISEC MEDIUM WORKING POC

Atlassian Jira <8.13.22, <8.20.10, <8.22.4 - SSRF

A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated user (including a user who joined via the sign-up feature) to perform a full read server-side request forgery via a batch endpoint. This affects Atlassian Jira Server and Data Center from version 8.0.0 before version 8.13.22, from version 8.14.0 before 8.20.10, from version 8.21.0 before 8.22.4. This also affects Jira Management Server and Data Center versions from version 4.0.0 before 4.13.22, from version 4.14.0 before 4.20.10 and from version 4.21.0 before 4.22.4.

11 stars

CVSS 6.5

View Code

CVE-2014-5144 EXPLOITDB MEDIUM text WRITEUP

Telescope < 0.9.0 - Authenticated Stored Cross-Site Scripting via Markdown

Cross-site scripting (XSS) vulnerability in Telescope before 0.9.3 allows remote authenticated users to inject arbitrary web script or HTML via crafted markdown.

CVSS 5.4

View Code