Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-36236) CVE-2020-36236 CWE-707 CWE-707 Medium Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-36288) CVE-2020-36288 CWE-707 CWE-707 Medium Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26078) CVE-2021-26078 CWE-707 CWE-707 Medium Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26079) CVE-2021-26079 CWE-707 CWE-707 Medium Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26080) CVE-2021-26080 CWE-707 CWE-707 Medium Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26082) CVE-2021-26082 CWE-707 CWE-707 Medium Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26083) CVE-2021-26083 CWE-707 CWE-707 Medium Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-39111) CVE-2021-39111 CWE-707 CWE-707 Medium Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-39117) CVE-2021-39117 CWE-707 CWE-707 Medium Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41304) CVE-2021-41304 CWE-707 CWE-707 Medium Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-43945) CVE-2021-43945 CWE-707 CWE-707 Medium Atlassian Jira Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-11581) CVE-2019-11581 CWE-138 CWE-138 Critical Atlassian Jira Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-20409) CVE-2019-20409 CWE-138 CWE-138 Critical Atlassian Jira Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-14193) CVE-2020-14193 CWE-138 CWE-138 Medium Atlassian Jira Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-26069) CVE-2021-26069 CWE-138 CWE-138 Medium Atlassian Jira Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-39128) CVE-2021-39128 CWE-138 CWE-138 High Atlassian Jira Improper Privilege Management Vulnerability (CVE-2018-13400) CVE-2018-13400 CWE-269 CWE-269 Medium Atlassian Jira Incorrect Authorization Vulnerability (CVE-2018-20826) CVE-2018-20826 CWE-863 CWE-863 Medium Atlassian Jira Incorrect Authorization Vulnerability (CVE-2019-3401) CVE-2019-3401 CWE-863 CWE-863 Medium Atlassian Jira Incorrect Authorization Vulnerability (CVE-2019-3403) CVE-2019-3403 CWE-863 CWE-863 Medium Atlassian Jira Incorrect Authorization Vulnerability (CVE-2019-8446) CVE-2019-8446 CWE-863 CWE-863 Medium Atlassian Jira Incorrect Authorization Vulnerability (CVE-2020-36238) CVE-2020-36238 CWE-863 CWE-863 Medium Atlassian Jira Incorrect Authorization Vulnerability (CVE-2020-36287) CVE-2020-36287 CWE-863 CWE-863 Medium Atlassian Jira Incorrect Authorization Vulnerability (CVE-2021-43948) CVE-2021-43948 CWE-863 CWE-863 Medium Atlassian Jira Incorrect Behavior Order: Validate Before Canonicalize Vulnerability (CVE-2022-26136) CVE-2022-26136 CWE-180 CWE-180 Critical Atlassian Jira Incorrect Behavior Order: Validate Before Canonicalize Vulnerability (CVE-2022-26137) CVE-2022-26137 CWE-180 CWE-180 Critical Atlassian Jira Incorrect Default Permissions Vulnerability (CVE-2019-14995) CVE-2019-14995 CWE-276 CWE-276 Medium Atlassian Jira Incorrect Default Permissions Vulnerability (CVE-2019-20106) CVE-2019-20106 CWE-276 CWE-276 Medium Atlassian Jira insecure REST permissions High Atlassian Jira Insufficient Session Expiration Vulnerability (CVE-2021-39113) CVE-2021-39113 CWE-613 CWE-613 High Atlassian Jira Manage Filters information disclosure CWE-200 CWE-200 Low Atlassian Jira Missing Authentication for Critical Function Vulnerability (CVE-2019-8449) CVE-2019-8449 CWE-306 CWE-306 Medium Atlassian Jira Missing Authorization Vulnerability (CVE-2017-18101) CVE-2017-18101 CWE-862 CWE-862 Medium Atlassian Jira Missing Authorization Vulnerability (CVE-2019-3399) CVE-2019-3399 CWE-862 CWE-862 High Atlassian Jira Missing Authorization Vulnerability (CVE-2019-8445) CVE-2019-8445 CWE-862 CWE-862 Medium Atlassian Jira Missing Authorization Vulnerability (CVE-2019-15013) CVE-2019-15013 CWE-862 CWE-862 Medium Atlassian Jira Missing Authorization Vulnerability (CVE-2019-20407) CVE-2019-20407 CWE-862 CWE-862 Medium Atlassian Jira Missing Authorization Vulnerability (CVE-2020-14185) CVE-2020-14185 CWE-862 CWE-862 Medium Atlassian Jira Observable Discrepancy Vulnerability (CVE-2020-4028) CVE-2020-4028 CWE-203 CWE-203 Medium Atlassian Jira Other Vulnerability (CVE-2006-3338) CVE-2006-3338 Low Atlassian Jira Other Vulnerability (CVE-2006-3339) CVE-2006-3339 Medium Atlassian Jira Other Vulnerability (CVE-2007-6618) CVE-2007-6618 Medium Atlassian Jira Other Vulnerability (CVE-2019-14997) CVE-2019-14997 Medium Atlassian Jira Other Vulnerability (CVE-2019-20101) CVE-2019-20101 Medium Atlassian Jira Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-6619) CVE-2007-6619 CWE-264 CWE-264 High Atlassian Jira Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2928) CVE-2012-2928 CWE-264 CWE-264 Medium Atlassian Jira Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-16865) CVE-2017-16865 CWE-918 CWE-918 Medium Atlassian Jira Server-Side Request Forgery (SSRF) Vulnerability (CVE-2018-13404) CVE-2018-13404 CWE-918 CWE-918 Medium Atlassian Jira Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-8451) CVE-2019-8451 CWE-918 CWE-918 Medium Atlassian Jira Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-20408) CVE-2019-20408 CWE-918 CWE-918 Medium Atlassian JIRA Servicedesk misconfiguration CWE-287 CWE-287 Medium Atlassian Jira Uncontrolled Search Path Element Vulnerability (CVE-2019-20400) CVE-2019-20400 CWE-427 CWE-427 High Atlassian Jira Uncontrolled Search Path Element Vulnerability (CVE-2019-20419) CVE-2019-20419 CWE-427 CWE-427 High Atlassian Jira Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-20897) CVE-2019-20897 CWE-434 CWE-434 Medium Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-13401) CVE-2018-13401 CWE-601 CWE-601 Medium Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-13402) CVE-2018-13402 CWE-601 CWE-601 Medium Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-11585) CVE-2019-11585 CWE-601 CWE-601 Medium Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-11589) CVE-2019-11589 CWE-601 CWE-601 Medium Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-20417) CVE-2019-20417 CWE-601 CWE-601 Medium Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-20901) CVE-2019-20901 CWE-601 CWE-601 Medium Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-39112) CVE-2021-39112 CWE-601 CWE-601 Medium Atlassian OAuth Plugin IconUriServlet SSRF CVE-2017-9506 CWE-918 CWE-918 High ATutor Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-1583) CVE-2015-1583 CWE-352 CWE-352 High ATutor Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-2539) CVE-2016-2539 CWE-352 CWE-352 High ATutor Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3706) CVE-2011-3706 CWE-200 CWE-200 Medium ATutor Improper Authentication Vulnerability (CVE-2014-9753) CVE-2014-9753 CWE-287 CWE-287 Critical ATutor Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3368) CVE-2008-3368 CWE-94 CWE-94 Medium ATutor Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-10400) CVE-2016-10400 CWE-22 CWE-22 High ATutor Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-1000002) CVE-2017-1000002 CWE-22 CWE-22 Critical ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0828) CVE-2008-0828 CWE-707 CWE-707 Medium ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-0971) CVE-2010-0971 CWE-707 CWE-707 Low ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6528) CVE-2012-6528 CWE-707 CWE-707 Medium ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-2091) CVE-2014-2091 CWE-707 CWE-707 Low ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-6521) CVE-2015-6521 CWE-707 CWE-707 Medium ATutor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7711) CVE-2015-7711 CWE-707 CWE-707 Medium 1...13141516...293 14 / 293
