Atlassian Jira Data Center
64 CVEs affecting Atlassian Jira Data Center. Latest disclosed: 2025-02-11. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-15002 | | 2025-02-11 | An exploitable CSRF vulnerability exists in Atlassian Jira, from versions 7.6.4 to 8.1.0. The login form doesn’t require a CSRF token. As a result, an attacker… | |
CVE-2022-36801 | | 2022-08-10 | Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to inject arbitrary HTML or JavaScript via a Reflected Cross-Site S… | |
CVE-2022-36799 | | 2022-08-01 | This issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been implemented. Affected versions of… | |
CVE-2021-43944 | | 2022-03-08 | This issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been implemented. Affected versions of… | |
CVE-2021-43945 | | 2022-02-28 | Affected versions of Atlassian Jira Server and Data Center allow remote attackers with Roadmaps Administrator permissions to inject arbitrary HTML or JavaScrip… | |
CVE-2021-43941 | | 2022-02-15 | Affected versions of Atlassian Jira Server and Data Center allow remote attackers to modify several resources (including CsvFieldMappingsPage.jspa and Importer… | |
CVE-2021-43953 | | 2022-02-15 | Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to toggle the Thread Contention and CPU monitoring settings v… | |
CVE-2021-43952 | | 2022-02-15 | Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to restore the default configuration of fields via a Cross-Si… | |
CVE-2021-43947 | | 2022-01-06 | Affected versions of Atlassian Jira Server and Data Center allow remote attackers with administrator privileges to execute arbitrary code via a Remote Code Exe… | |
CVE-2021-43946 | | 2022-01-05 | Affected versions of Atlassian Jira Server and Data Center allow authenticated remote attackers to add administrator groups to filter subscriptions via a Broke… | |
CVE-2021-43942 | | 2022-01-04 | Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Reflected Cross-Site Scripting (… | |
CVE-2021-41311 | | 2021-12-08 | Affected versions of Atlassian Jira Server and Data Center allow attackers with access to an administrator account that has had its access revoked to modify pr… | |
CVE-2021-41309 | | 2021-12-08 | Affected versions of Atlassian Jira Server and Data Center allow a user who has had their Jira Service Management access revoked to export audit logs of anothe… | |
CVE-2021-41312 | | 2021-11-03 | Affected versions of Atlassian Jira Server and Data Center allow a remote attacker who has had their access revoked from Jira Service Management to enable and… | |
CVE-2021-41310 | | 2021-11-01 | Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (… | |
CVE-2021-41313 | | 2021-11-01 | Affected versions of Atlassian Jira Server and Data Center allow authenticated but non-admin remote attackers to edit email batch configurations via an Imprope… | |
CVE-2021-41308 | | 2021-10-26 | Affected versions of Atlassian Jira Server and Data Center allow authenticated yet non-administrator remote attackers to edit the File Replication settings via… | |
CVE-2021-41307 | | 2021-10-26 | Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view the names of private projects and private filters via… | |
CVE-2021-41306 | | 2021-10-26 | Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view private project and filter names via an Insecure Direct Obj… | |
CVE-2021-41305 | | 2021-10-26 | Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view the names of private projects and filters via an Insecure D… |