Total
144 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-6619 | 1 Atlassian | 1 Jira | 2023-12-10 | 7.5 HIGH | N/A |
The Setup Wizard in Atlassian JIRA Enterprise Edition before 3.12.1 does not properly restrict setup attempts after setup is complete, which allows remote attackers to change the default language. | |||||
CVE-2007-6618 | 1 Atlassian | 1 Jira | 2023-12-10 | 5.0 MEDIUM | N/A |
JIRA Enterprise Edition before 3.12.1 allows remote attackers to delete another user's shared filter via a modified filter ID. | |||||
CVE-2006-3339 | 1 Atlassian | 1 Jira | 2023-12-10 | 5.0 MEDIUM | N/A |
secure/ConfigureReleaseNote.jspa in Atlassian JIRA 3.6.2-#156 allows remote attackers to obtain sensitive information via unspecified manipulations of the projectId parameter, which displays the installation path and other system information in an error message. | |||||
CVE-2006-3338 | 1 Atlassian | 1 Jira | 2023-12-10 | 2.6 LOW | N/A |
Cross-site scripting (XSS) vulnerability in Atlassian JIRA 3.6.2-#156 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in a direct request to secure/ConfigureReleaseNote.jspa, which are not sanitized before being returned in an error page. |