Page 4 of 33 results (0.003 seconds)

CVSS: 3.5EPSS: 0%CPEs: 6EXPL: 0

CVE-2021-26071

https://notcve.org/view.php?id=CVE-2021-26071

01 Apr 2021 — The SetFeatureEnabled.jspa resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to enable and disable Jira Software configuration via a cross-site request forgery (CSRF) vulnerability. El recurso SetFeatureEnabled.jspa en Jira Server y Data Center anterior a versión 8.5.13, desde versión 8.6.0 anterior a versión 8.13.5 y desde versión 8.14.0 anterior a versión 8.15.1, permite q... • https://jira.atlassian.com/browse/JRASERVER-72233 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0

CVE-2020-36238

https://notcve.org/view.php?id=CVE-2020-36238

01 Apr 2021 — The /rest/api/1.0/render resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to determine if a username is valid or not via a missing permissions check. El recurso /rest/api/1.0/render en Jira Server y Data Center anterior a versión 8.5.13, desde versión 8.6.0 anterior a versión 8.13.5 y desde versión 8.14.0 anterior a versión 8.15.1, permite a atacantes anónimos remotos deter... • https://jira.atlassian.com/browse/JRASERVER-72249 • CWE-862: Missing Authorization CWE-863: Incorrect Authorization •

CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0

CVE-2020-36231

https://notcve.org/view.php?id=CVE-2020-36231

01 Feb 2021 — Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view the metadata of boards they should not have access to via an Insecure Direct Object References (IDOR) vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.2. çLas versiones afectadas de Atlassian Jira Server y Data Center, permiten a atacantes remotos visualizar los metadatos de las tarjetas a las que no deberían tener acceso por medio de una vulnerabilidad de Insecure Dire... • https://jira.atlassian.com/browse/JRASERVER-72002 • CWE-639: Authorization Bypass Through User-Controlled Key •