CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Atlassian: >> Jira Data Center >> 8.19.1 Security Vulnerabilities

CVE-2021-41313

Affected versions of Atlassian Jira Server and Data Center allow authenticated but non-admin remote attackers to edit email batch configurations via an Improper Authorization vulnerability in the /secure/admin/ConfigureBatching!default.jspa endpoint. The affected versions are before version 8.20.7.

CVSS Score

4.3

EPSS Score

0.002

Published

2021-11-01

CVE-2021-41304

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the /secure/admin/ImporterFinishedPage.jspa error message. The affected versions are before version 8.13.12, and from version 8.14.0 before 8.20.2.

CVSS Score

6.1

EPSS Score

0.005

Published

2021-10-26

Page 2

Vulnerabilities

Vulnerable Software

Atlassian: >> Jira Data Center >> 8.19.1 Security Vulnerabilities

Products

Pricing

Contact Us