Jira CVEs and Security Vulnerabilities - OpenCVE

Filtered by vendor Atlassian Subscriptions

Filtered by product Jira Subscriptions

Search

Switch to Advanced Search (Beta)

Total 145 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2017-16864	1 Atlassian	1 Jira	2024-11-21	N/A
The issue search resource in Atlassian Jira before version 7.4.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the orderby parameter.
CVE-2017-16863	1 Atlassian	1 Jira	2024-11-21	N/A
The PieChart gadget in Atlassian Jira before version 7.5.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the name of a project or filter.
CVE-2017-16862	1 Atlassian	1 Jira	2024-11-21	N/A
The IncomingMailServers resource in Atlassian Jira before version 7.6.2 allows remote attackers to modify the "incoming mail" whitelist setting via a Cross-site request forgery (CSRF) vulnerability.
CVE-2017-14594	1 Atlassian	2 Jira, Jira Server	2024-11-21	N/A
The printable searchrequest issue resource in Atlassian Jira before version 7.2.12 and from version 7.3.0 before 7.6.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the jqlQuery query parameter.
CVE-2012-1500	1 Atlassian	2 Greenhopper, Jira	2024-11-21	5.4 Medium
Stored XSS vulnerability in UpdateFieldJson.jspa in JIRA 4.4.3 and GreenHopper before 5.9.8 allows an attacker to inject arbitrary script code.

« first previous Page 8 of 8.