atlassian

468 tracked vulnerabilities.

CVE-2020-14184 MEDIUM
Atlassian Jira < 8.5.9, 8.6.0-8.12.3, 8.13.0-8.13.1 - Cross-Site Scripting via Issue Filter Export Files
Oct 12, 2020
CVSS 5.4
EPSS 0.00
CVE-2020-14183 MEDIUM
Jira Server & Data Center < 7.13.18, 8.0.0-8.5.9, 8.6.0-8.12.1 - Information Disclosure via HTTP Headers
Oct 06, 2020
CVSS 4.3
EPSS 0.00
CVE-2020-14180 MEDIUM
Atlassian Jira Service Desk < 4.12.0 - Authenticated Information Disclosure via Editform Request-Type-Fields Resource
Sep 21, 2020
CVSS 4.3
EPSS 0.00
CVE-2020-14179 MEDIUM NUCLEI
Atlassian Jira Server/Data Center <8.5.8, 8.6.0-8.11.1 - Unauthenticated Info Disclosure
Sep 21, 2020
CVSS 5.3
EPSS 0.93
CVE-2020-14177 MEDIUM
Atlassian Jira Server/Data Center DoS via JQL Version Search Regex
Sep 21, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-14181 MEDIUM NUCLEI
Atlassian Jira Server/Data Center <7.13.6, 8.0.0-8.5.7 - User Enumeration via ViewUserHover.jspa
Sep 17, 2020
CVSS 5.3
EPSS 0.93
CVE-2020-14178 HIGH
Atlassian Jira < 7.13.7, 8.0.0-8.5.8, 8.6.0-8.12.0 - Information Disclosure via /browse.PROJECTKEY Endpoint
Sep 01, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-14175 MEDIUM
Atlassian Confluence Server and Data Center < 7.4.2 and 7.5.0-7.5.2 - Cross-Site Scripting via User Macro Parameters
Jul 24, 2020
CVSS 5.4
EPSS 0.00
CVE-2020-14174 MEDIUM
Atlassian Jira <7.13.16, 8.0.0-8.5.7, 8.6.0-8.9.2, 8.10.0-8.10.1 - Insecure Direct Object Reference
Jul 13, 2020
CVSS 4.3
EPSS 0.00
CVE-2020-14171 MEDIUM
Atlassian Bitbucket 4.9.0-7.2.4 - Cleartext Transmission of Sensitive Information via Repository Import Requests
Jul 09, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-14170 MEDIUM
Atlassian Bitbucket 5.4.0-7.3.0 - Server-Side Request Forgery via Webhooks
Jul 09, 2020
CVSS 4.3
EPSS 0.00
CVE-2020-14173 MEDIUM
Atlassian Jira < 8.5.4, 8.6.0-8.6.2, 8.7.0-8.7.1 - Stored Cross-Site Scripting via File Upload Feature
Jul 03, 2020
CVSS 5.4
EPSS 0.00
CVE-2020-14172 CRITICAL
Atlassian Jira <7.13.0, 8.0.0-8.5.0, 8.6.0-8.8.1 - RCE via Insecure Deserialization
Jul 03, 2020
CVSS 9.8
EPSS 0.05
CVE-2020-4029 MEDIUM
Atlassian Jira Server/Data Center <8.5.5, <8.6.0-8.7.2, <8.8.0-8.8....
Jul 01, 2020
CVSS 4.3
EPSS 0.00
CVE-2020-4027 MEDIUM
Atlassian Confluence < 7.4.5 and 7.5.0 - Authenticated Velocity Template Injection via Custom User Macros
Jul 01, 2020
CVSS 4.7
EPSS 0.00
CVE-2020-4025 MEDIUM
Atlassian Jira < 8.5.5, 8.6.0-8.8.2 - Cross-Site Scripting via RDF Attachment Download
Jul 01, 2020
CVSS 4.8
EPSS 0.00
CVE-2020-4024 MEDIUM
Atlassian Jira < 8.5.5, 8.6.0-8.8.2, 8.9.0-8.9.1 - Cross-Site Scripting via vnd.wap.xhtml+xml Attachment
Jul 01, 2020
CVSS 5.4
EPSS 0.00
CVE-2020-4022 MEDIUM
Atlassian Jira < 8.5.5, 8.6.0-8.8.2, 8.9.0-8.9.1 - Cross-Site Scripting via Mixed Multipart Attachment Download
Jul 01, 2020
CVSS 6.1
EPSS 0.00
CVE-2020-14169 MEDIUM
Atlassian Jira < 8.9.1 - Cross-Site Scripting in Quick Search Component
Jul 01, 2020
CVSS 6.1
EPSS 0.00
CVE-2020-14168 MEDIUM
Jira Server/Data Center <7.13.16, <8.5.7, <8.8.2, <8.9.1 - Info Dis...
Jul 01, 2020
CVSS 5.9
EPSS 0.00
CVE-2020-14167 HIGH
Atlassian Jira < 7.13.14, 8.5.0-8.5.5, 8.8.0-8.8.2, 8.9.0-8.9.1 - Denial of Service via MessageBundleResource
Jul 01, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-14166 MEDIUM
Jira Service Desk < 4.10.0 - Authenticated Stored Cross-Site Scripting via HTML File Upload
Jul 01, 2020
CVSS 4.8
EPSS 0.01
CVE-2020-14165 MEDIUM
Jira Server/Data Center <8.9.0 - Info Disclosure
Jul 01, 2020
CVSS 5.3
EPSS 0.00
CVE-2020-14164 MEDIUM
Jira < 8.8.2 - Cross-Site Scripting via WYSIWYG Editor
Jul 01, 2020
CVSS 6.1
EPSS 0.00
CVE-2020-4028 MEDIUM
Jira < 8.9.1 - Unauthenticated Information Disclosure via 404 Response
Jun 23, 2020
CVSS 5.3
EPSS 0.00
Products
jira 142 jira_server 135 jira_data_center 79 crucible 52 fisheye 52 confluence_server 49 jira_software_data_center 39 data_center 38 confluence_data_center 36 bamboo 24 crowd 24 bitbucket 20 confluence 19 jira_service_management 16 sourcetree 15 jira_align 13 jira_service_desk 12 application_links 7 Atlassian Fisheye and Crucible 5 hipchat 5 agiloft 4 floodlight 4 Bamboo 3 bitbucket_data_center 3 companion 3 hipchat_server 3 questions_for_confluence 3 universal_plugin_manager 3 Atlassian Crucible 2 Bamboo Data Center 2
Quick Filters
Critical CVEs With Exploits In CISA KEV