NotCVE - vendor:"Atlassian" product:"Jira Service Management" version:" >= 4.21.0

Page 2 of 12 results (0.001 seconds)

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2021-43951

https://notcve.org/view.php?id=CVE-2021-43951

10 Jan 2022 — Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view object import configuration details via an Information Disclosure vulnerability in the Create Object type mapping feature. The affected versions are before version 4.21.0. Las versiones afectadas de Atlassian Jira Service Management Server y Data Center permiten a atacantes remotos autenticados visualizar los detalles de la configuración de importación de objetos por medio de una vulner... • https://jira.atlassian.com/browse/JSDSERVER-10984 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.8EPSS: 10%CPEs: 180EXPL: 1

CVE-2019-13990 – libquartz: XXE attacks via job description

https://notcve.org/view.php?id=CVE-2019-13990

26 Jul 2019 — initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description. La función initDocumentParser en el archivo xml/XMLSchedulingDataProcessor.java en Quartz Scheduler de Terracotta hasta la versión 2.3.0, permite ataques de tipo XXE por medio de una descripción del trabajo. The Terracotta Quartz Scheduler is susceptible to an XML external entity attack (XXE) through a job description. This issue stems from inadequate handling of X... • https://github.com/epicosy/Quartz-1 • CWE-611: Improper Restriction of XML External Entity Reference •

1 2