Known Vulnerabilities for products from Atlassian

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Atlassian".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2022-36801	Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to inject arbitrary HTML or JavaS...	Not Provided	2022-08-10	2022-08-10
CVE-2022-36800	Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers without the "Browse User...	4.3 - MEDIUM	2022-08-03	2022-08-03
CVE-2022-36799	This issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been ...	7.2 - HIGH	2022-08-01	2022-08-01
CVE-2022-36131	The Better PDF Exporter add-on 10.0.0 for Atlassian Jira is prone to stored XSS via a crafted description to the PDF Template...	6.1 - MEDIUM	2022-07-22	2022-07-22
CVE-2022-32567	The Appfire Jira Misc Custom Fields (JMCF) app 2.4.6 for Atlassian Jira allows XSS via a crafted project name to the Add Auto...	5.4 - MEDIUM	2022-07-07	2022-07-07
CVE-2022-32274	The Transition Scheduler add-on 6.5.0 for Atlassian Jira is prone to stored XSS via the project name to the creation function...	5.4 - MEDIUM	2022-07-13	2022-07-13
CVE-2022-26138	The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the con...	9.8 - CRITICAL	2022-07-20	2022-07-20
CVE-2022-26137	A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause additional Servlet Filters ...	8.8 - HIGH	2022-07-20	2022-07-20
CVE-2022-26136	A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to bypass Servlet Filters used by fi...	9.8 - CRITICAL	2022-07-20	2022-07-20
CVE-2022-26135	A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated user (including a user who jo...	6.5 - MEDIUM	2022-06-30	2022-06-30
CVE-2022-0540	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new secur...	9.8 - CRITICAL	2022-04-20	2022-06-10
CVE-2021-43959	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new secur...	5.7 - MEDIUM	2022-07-26	2022-08-02
CVE-2021-43958	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new secur...	9.8 - CRITICAL	2022-03-16	2022-03-22
CVE-2021-43957	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new secur...	7.5 - HIGH	2022-03-16	2022-03-22
CVE-2021-43956	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new secur...	6.1 - MEDIUM	2022-03-16	2022-03-22
CVE-2021-43955	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new secur...	4.3 - MEDIUM	2022-03-16	2022-03-22
CVE-2021-43954	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new secur...	4.3 - MEDIUM	2022-03-14	2022-03-18
CVE-2021-43953	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new secur...	4.3 - MEDIUM	2022-02-15	2022-04-25
CVE-2021-43952	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new secur...	4.3 - MEDIUM	2022-02-15	2022-06-03
CVE-2021-43951	RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new secur...	4.3 - MEDIUM	2022-01-10	2022-03-04

Results limited to 20 most recent vulnerabilities

Known software with vulnerabilities from Atlassian

Type	Vendor	Product	Version
Application	Atlassian	Activity Streams	6.3.0
Application	Atlassian	Application Links	1.1
Application	Atlassian	Bamboo	1.0
Application	Atlassian	Bitbucket	1.0.0
Application	Atlassian	Cloudtoken	0.0.11
Application	Atlassian	Companion	1.0.0
Application	Atlassian	Confluence	1.0
Application	Atlassian	Crowd	-
Application	Atlassian	Crowd2	-
Application	Atlassian	Crucible	1.1
Application	Atlassian	Data Center	6.12.0
Application	Atlassian	Editor-core	-
Application	Atlassian	Fisheye	1.2.5
Application	Atlassian	Floodlight	0.85
Application	Atlassian	Floodlight Controller	0.85
Application	Atlassian	Greenhopper	5.9.8
Application	Atlassian	Hipchat	0.1.2
Application	Atlassian	Hipchat Data Center	3.0.0
Application	Atlassian	Hipchat Server	2.2.0
Application	Atlassian	Html Include And Replace Macro	1.4.0

Results limited to 20 most recent known configurations

Jira Cloud by Atlassian

apps.apple.com/us/app/jira-cloud-by-atlassian/id1006972087 Search in App Store

App Store Jira Cloud by Atlassian Productivity

Atlassian&Australian enterprise software company

Atlassian Corporation Plc is an Australian software company that develops products for software developers and project managers.

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].

Known Vulnerabilities for products from Atlassian