Show filters
501 Total Results
Displaying 191-200 of 501
Sort by:
Attacker Value
Unknown
CVE-2019-20903
Disclosure Date: September 30, 2020 (last updated February 22, 2025)
The hyperlinks functionality in atlaskit/editor-core in before version 113.1.5 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in link targets.
0
Attacker Value
Unknown
CVE-2020-14181
Disclosure Date: September 16, 2020 (last updated February 22, 2025)
Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the /ViewUserHover.jspa endpoint. The affected versions are before version 7.13.6, from version 8.0.0 before 8.5.7, and from version 8.6.0 before 8.12.0.
0
Attacker Value
Unknown
CVE-2020-14179
Disclosure Date: September 11, 2020 (last updated November 28, 2024)
Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated attackers to view custom field names and custom SLA names via an Information Disclosure vulnerability in the /secure/QueryComponent!Default.jspa endpoint. The affected versions are before version 8.5.8, and from version 8.6.0 before 8.11.1.
0
Attacker Value
Unknown
CVE-2020-14178
Disclosure Date: September 01, 2020 (last updated November 28, 2024)
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate project keys via an Information Disclosure vulnerability in the /browse.PROJECTKEY endpoint. The affected versions are before version 7.13.7, from version 8.0.0 before 8.5.8, and from version 8.6.0 before 8.12.0.
0
Attacker Value
Unknown
CVE-2020-14177
Disclosure Date: August 24, 2020 (last updated November 28, 2024)
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Regex-based Denial of Service (DoS) vulnerability in JQL version searching. The affected versions are before version 7.13.16; from version 7.14.0 before 8.5.7; from version 8.6.0 before 8.10.2; and from version 8.11.0 before 8.11.1.
0
Attacker Value
Unknown
CVE-2017-18112
Disclosure Date: August 03, 2020 (last updated February 21, 2025)
Affected versions of Atlassian Fisheye allow remote attackers to view the HTTP password of a repository via an Information Disclosure vulnerability in the logging feature. The affected versions are before version 4.8.3.
0
Attacker Value
Unknown
CVE-2020-14175
Disclosure Date: July 24, 2020 (last updated February 21, 2025)
Affected versions of Atlassian Confluence Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in user macro parameters. The affected versions are before version 7.4.2, and from version 7.5.0 before 7.5.2.
0
Attacker Value
Unknown
CVE-2020-14170
Disclosure Date: July 09, 2020 (last updated February 21, 2025)
Webhooks in Atlassian Bitbucket Server from version 5.4.0 before version 7.3.1 allow remote attackers to access the content of internal network resources via a Server-Side Request Forgery (SSRF) vulnerability.
0
Attacker Value
Unknown
CVE-2020-14171
Disclosure Date: July 09, 2020 (last updated February 21, 2025)
Atlassian Bitbucket Server from version 4.9.0 before version 7.2.4 allows remote attackers to intercept unencrypted repository import requests via a Man-in-the-Middle (MITM) attack.
0
Attacker Value
Unknown
CVE-2020-14174
Disclosure Date: July 08, 2020 (last updated February 21, 2025)
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view titles of a private project via an Insecure Direct Object References (IDOR) vulnerability in the Administration Permission Helper. The affected versions are before version 7.13.6, from version 8.0.0 before 8.5.7, from version 8.6.0 before 8.9.2, and from version 8.10.0 before 8.10.1.
0
