atlassian

468 tracked vulnerabilities.

CVE-2017-16864 MEDIUM
Jira < 7.4.2 - Cross-Site Scripting via Orderby Parameter
Jan 12, 2018
CVSS 6.1
EPSS 0.00
CVE-2017-16862 MEDIUM
Atlassian Jira < 7.6.2 - Cross-Site Request Forgery in IncomingMailServers Resource
Jan 12, 2018
CVSS 4.3
EPSS 0.00
CVE-2017-14594 MEDIUM
Atlassian Jira <7.2.12, >7.3.0-7.6.1 - XSS
Jan 12, 2018
CVSS 6.1
EPSS 0.00
CVE-2017-14590 CRITICAL
Atlassian Bamboo 2.7.0-6.1.5 and 6.2.0-6.2.4 - Authenticated Remote Code Execution via Mercurial Branch Name Injection
Dec 13, 2017
CVSS 9.1
EPSS 0.00
CVE-2017-14589 CRITICAL
Atlassian Bamboo < 6.1.6 and 6.2.0-6.2.5 - Authenticated Remote Code Execution via FreeMarker OGNL Evaluation
Dec 13, 2017
CVSS 9.6
EPSS 0.00
CVE-2017-16857 HIGH
Bitbucket Auto-Unapprove - Auth Bypass
Dec 05, 2017
CVSS 8.5
EPSS 0.00
CVE-2017-16856 MEDIUM
Atlassian Confluence < 6.5.2 - Stored Cross-Site Scripting via RSS Feed Macro
Dec 05, 2017
CVSS 6.1
EPSS 0.00
CVE-2017-14591 CRITICAL
Atlassian Fisheye/Crucible <4.4.3 & 4.5.0 - Code Injection
Nov 29, 2017
CVSS 9.0
EPSS 0.01
CVE-2017-14586 CRITICAL
Hipchat for Mac 4.0-4.30 - Remote Code Execution via Video Call Link Parsing
Nov 27, 2017
CVSS 9.8
EPSS 0.03
CVE-2017-14585 HIGH
Hipchat Server <2.2.6, Hipchat Data Center <3.1.0 - SSRF
Nov 27, 2017
CVSS 7.2
EPSS 0.02
CVE-2017-9514 HIGH
Bamboo <6.0.5, <6.1.x-6.1.4, <6.2.x-6.2.1 - Code Injection
Oct 12, 2017
CVSS 8.8
EPSS 0.00
CVE-2017-14588 MEDIUM
Atlassian Fisheye/Crucible <4.4.2 - XSS
Oct 11, 2017
CVSS 6.1
EPSS 0.00
CVE-2017-14587 MEDIUM
Atlassian Fisheye/Crucible <4.4.2 - XSS
Oct 11, 2017
CVSS 5.4
EPSS 0.00
CVE-2017-9511 HIGH
Atlassian Fisheye/Crucible <4.4.1 - Path Traversal
Aug 24, 2017
CVSS 7.5
EPSS 0.01
CVE-2017-9512 HIGH
Atlassian Fisheye/Crucible <4.4.1 - Info Disclosure
Aug 24, 2017
CVSS 7.5
EPSS 0.01
CVE-2017-9510 MEDIUM
Atlassian Fisheye < 4.4.1 - Cross-Site Scripting via Start and End Date Parameters
Aug 24, 2017
CVSS 5.4
EPSS 0.00
CVE-2017-9509 MEDIUM
Atlassian Crucible < 4.4.1 - Cross-Site Scripting via File Charset Parameter
Aug 24, 2017
CVSS 5.4
EPSS 0.00
CVE-2017-9508 MEDIUM
Atlassian Fisheye/Crucible <4.4.1 - XSS
Aug 24, 2017
CVSS 5.4
EPSS 0.00
CVE-2017-9507 MEDIUM
Atlassian Crucible 4.1.0-4.4.0 - Cross-Site Scripting via Review Filter Title Parameter
Aug 24, 2017
CVSS 5.4
EPSS 0.00
CVE-2017-9506 MEDIUM NUCLEI
Atlassian OAuth Plugin <1.9.12, <2.0.4 - SSRF/XSS
Aug 23, 2017
CVSS 6.1
EPSS 0.29
CVE-2017-9505 MEDIUM
Atlassian Confluence <6.2.1 - Info Disclosure
Jun 15, 2017
CVSS 4.3
EPSS 0.00
CVE-2017-8907 HIGH
Atlassian Bamboo <5.15.7-6.0.1 - RCE
Jun 14, 2017
CVSS 8.8
EPSS 0.00
CVE-2017-8080 HIGH
Hipchat Server < 2.2.3 - Authenticated Remote Code Execution via Image Upload
May 05, 2017
CVSS 8.8
EPSS 0.02
CVE-2017-8058 MEDIUM
Atlassian HipChat < 3.16.1 - Improper Certificate Validation in Login API
May 05, 2017
CVSS 5.9
EPSS 0.00
CVE-2017-8768 CRITICAL
Atlassian SourceTree < 2.5c - OS Command Injection via sourcetree:// URL Scheme
May 04, 2017
CVSS 9.8
EPSS 0.08
Products
jira 142 jira_server 135 jira_data_center 79 crucible 52 fisheye 52 confluence_server 49 jira_software_data_center 39 data_center 38 confluence_data_center 36 bamboo 24 crowd 24 bitbucket 20 confluence 19 jira_service_management 16 sourcetree 15 jira_align 13 jira_service_desk 12 application_links 7 Atlassian Fisheye and Crucible 5 hipchat 5 agiloft 4 floodlight 4 Bamboo 3 bitbucket_data_center 3 companion 3 hipchat_server 3 questions_for_confluence 3 universal_plugin_manager 3 Atlassian Crucible 2 Bamboo Data Center 2
Quick Filters
Critical CVEs With Exploits In CISA KEV