CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 2CVE-2012-1500 – jira 4.4.3 / greenhopper < 5.9.8 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-1500
Stored XSS vulnerability in UpdateFieldJson.jspa in JIRA 4.4.3 and GreenHopper before 5.9.8 allows an attacker to inject arbitrary script code. Una vulnerabilidad de tipo XSS almacenado del archivo UpdateFieldJson.jspa en JIRA versión 4.4.3 y GreenHopper versiones anteriores a 5.9.8, permite a un atacante inyectar código de script arbitrario. • https://www.exploit-db.com/exploits/21052 https://web.archive.org/web/20121014055829/http://www.cloudscan.me/2012/09/cve-2012-1500-ghs-5375-ghs-5642.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 1%CPEs: 29EXPL: 0CVE-2012-2928
https://notcve.org/view.php?id=CVE-2012-2928
The Gliffy plugin before 3.7.1 for Atlassian JIRA, and before 4.2 for Atlassian Confluence, does not properly restrict the capabilities of third-party XML parsers, which allows remote attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors. El complemento Gliffy para Atlassian JIRA v3.7.1, y en version anteriores ala v4.2 para Atlassian Confluence, no restringe correctamente las capacidades de los analizadores XML de tercer nivel, lo que permite leer ficheros de su elección o causar una denegación de servicio (por excesivo consumo de recursos) a atacantes remotos a través de vectores no especificados. • http://confluence.atlassian.com/display/DOC/Confluence+Security+Advisory+2012-05-17 http://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2012-05-17 http://osvdb.org/81993 http://secunia.com/advisories/49166 http://www.securityfocus.com/bid/53595 https://exchange.xforce.ibmcloud.com/vulnerabilities/75697 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.1EPSS: 45%CPEs: 17EXPL: 1CVE-2012-2926 – Atlassian Tempo 6.4.3 / JIRA 5.0.0 / Gliffy 3.7.0 - XML Parsing Denial of Service
https://notcve.org/view.php?id=CVE-2012-2926
Atlassian JIRA before 5.0.1; Confluence before 3.5.16, 4.0 before 4.0.7, and 4.1 before 4.1.10; FishEye and Crucible before 2.5.8, 2.6 before 2.6.8, and 2.7 before 2.7.12; Bamboo before 3.3.4 and 3.4.x before 3.4.5; and Crowd before 2.0.9, 2.1 before 2.1.2, 2.2 before 2.2.9, 2.3 before 2.3.7, and 2.4 before 2.4.1 do not properly restrict the capabilities of third-party XML parsers, which allows remote attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors. Atlassian JIRA antes de v5.0.1; Confluence antes de v3.5.16, v4.0 antes de v4.0.7, y v4.1 antes del v4.1.10; 'FishEye and Crucible' antes de v2.5.8, v2.6 antes de v2.6.8, y v2.7 antes de v2.7.12; Bamboo antes de v3.3.4 y v3.4.x antes de v3.4.5, y Crowd antes de v2.0.9, v2.1 antes de v2.1.2, v2.2 antes de v2.2.9, v2.3 antes de v2.3.7 y v2.4 antes de v2.4.1 no restringen correctamente las capacidades de los analizadores XML de de terceros, lo que permite leer ficheros de su elección o causar una denegación de servicio (por excesivo consumo de recursos) a atacantes remotos a través de vectores no especificados. • https://www.exploit-db.com/exploits/37218 http://confluence.atlassian.com/display/BAMBOO/Bamboo+Security+Advisory+2012-05-17 http://confluence.atlassian.com/display/CROWD/Crowd+Security+Advisory+2012-05-17 http://confluence.atlassian.com/display/DOC/Confluence+Security+Advisory+2012-05-17 http://confluence.atlassian.com/display/FISHEYE/FishEye+and+Crucible+Security+Advisory+2012-05-17 http://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2012-05-17 http://osvdb.org/81993 http://secunia&# •
CVSS: 4.3EPSS: 0%CPEs: 14EXPL: 0CVE-2010-1164
https://notcve.org/view.php?id=CVE-2010-1164
Multiple cross-site scripting (XSS) vulnerabilities in Atlassian JIRA 3.12 through 4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) element or (2) defaultColor parameter to the Colour Picker page; the (3) formName parameter, (4) element parameter, or (5) full name field to the User Picker page; the (6) formName parameter, (7) element parameter, or (8) group name field to the Group Picker page; the (9) announcement_preview_banner_st parameter to unspecified components, related to the Announcement Banner Preview page; unspecified vectors involving the (10) groupnames.jsp, (11) indexbrowser.jsp, (12) classpath-debug.jsp, (13) viewdocument.jsp, or (14) cleancommentspam.jsp page; the (15) portletKey parameter to runportleterror.jsp; the (16) URI to issuelinksmall.jsp; the (17) afterURL parameter to screenshot-redirecter.jsp; or the (18) HTTP Referrer header to 500page.jsp, as exploited in the wild in April 2010. Múltiples vulnerabilidades de falsificación de petición en sitios cruzados (CSRF) en Atlassian JIRA v3.12 hasta la v4.1. Permiten a usuarios remotos inyectar codigo de script web o código HTML de su elección a través de el parámetro (1) "element" (elemento) o (2) "defaultColor" (color por defecto) a la página de "Colour Picker" (selección de colores); el (3) parámetro "formName", (4) parámetro "element", o (5) campo "full name" (nombre completo) a la página "User Picker" (selección de usuario); el (6) parámetro formName, (7) parámetro "element", o (8) campo "group name" (nombre de grupo) a la página "Group Picker" (selección de grupo); el (9) parámetro announcement_preview_banner_st de componentes sin especificar, relacionados con la página "Announcement Banner Preview" (vista previa de anuncio); vectores sin especificar relacionados con las páginas (10) groupnames.jsp, (11) indexbrowser.jsp, (12) classpath-debug.jsp, (13) viewdocument.jsp, o (14) cleancommentspam.jsp; el (15) parámetro portletKey de runportleterror.jsp; la (16) URI de issuelinksmall.jsp; el (17) parámetro afterURL de screenshot-redirecter.jsp; o la (18) cabecera HTTP Referrer de 500page.jsp, tal como se ha explotado activamente en Abril del 2010. • http://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2010-04-16 http://jira.atlassian.com/browse/JRA-20994 http://jira.atlassian.com/browse/JRA-21004 http://secunia.com/advisories/39353 http://www.openwall.com/lists/oss-security/2010/04/16/3 http://www.openwall.com/lists/oss-security/2010/04/16/4 http://www.securityfocus.com/bid/39485 https://exchange.xforce.ibmcloud.com/vulnerabilities/57826 https://exchange.xforce.ibmcloud.com/vulnerabilities/57827 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 2%CPEs: 14EXPL: 0CVE-2010-1165
https://notcve.org/view.php?id=CVE-2010-1165
Atlassian JIRA 3.12 through 4.1 allows remote authenticated administrators to execute arbitrary code by modifying the (1) attachment (aka attachments), (2) index (aka indexing), or (3) backup path and then uploading a file, as exploited in the wild in April 2010. Atlassian JIRA v3.12 hasta v4.1 permite a administradores autenticados remotamente ejecutar código de su elección modificando(1) adjuntos (como attachments), (2) índice (como indexing), o (3) ruta de guardado y luego subir un fichero, se explota activamente desde abril de 2010. • http://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2010-04-16 http://jira.atlassian.com/browse/JRA-20995 http://jira.atlassian.com/browse/JRA-21004 http://secunia.com/advisories/39353 http://www.openwall.com/lists/oss-security/2010/04/16/3 http://www.openwall.com/lists/oss-security/2010/04/16/4 http://www.securityfocus.com/bid/39485 https://exchange.xforce.ibmcloud.com/vulnerabilities/57828 • CWE-94: Improper Control of Generation of Code ('Code Injection') •