VYPR

Atlassian Jira Service Management

by Atlassian

CVEs (4)

  • CVE-2022-26137HigJul 20, 2022
    risk 0.57cvss 8.8epss 0.02

    A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause additional Servlet Filters to be invoked when the application processes requests or responses. Atlassian has confirmed and fixed the only known security issue associated with this…

  • CVE-2021-41312HigNov 3, 2021
    risk 0.49cvss 7.5epss 0.01

    Affected versions of Atlassian Jira Server and Data Center allow a remote attacker who has had their access revoked from Jira Service Management to enable and disable Issue Collectors on Jira Service Management projects via an Improper Authentication vulnerability in the…

  • CVE-2021-39128HigSep 16, 2021
    risk 0.47cvss 7.2epss 0.02

    Affected versions of Atlassian Jira Server or Data Center using the Jira Service Management addon allow remote attackers with JIRA Administrators access to execute arbitrary Java code via a server-side template injection vulnerability in the Email Template feature. The affected…

  • CVE-2021-41309MedDec 8, 2021
    risk 0.35cvss 5.3epss 0.01

    Affected versions of Atlassian Jira Server and Data Center allow a user who has had their Jira Service Management access revoked to export audit logs of another user's Jira Service Management project via a Broken Authentication vulnerability in the…