Product:

Jira_service_management

(Atlassian)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 15
Date Id Summary Products Score Patch Annotated
2022-02-15 CVE-2021-43950 Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view import source configuration information via a Broken Access Control vulnerability in the Insight Import Source feature. The affected versions are before version 4.21.0. Jira_service_management 4.3
2022-02-15 CVE-2021-43948 Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view the names of private objects via an Improper Authorization vulnerability in the "Move objects" feature. The affected versions are before version 4.21.0. Jira_service_management 4.3
2022-02-24 CVE-2021-43943 Affected versions of Atlassian Jira Service Management Server and Data Center allow attackers with administrator privileges to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the "Object Schema" field of /secure/admin/InsightDefaultCustomFieldConfig.jspa. The affected versions are before version 4.21.0. Jira_service_management 4.8
2022-01-10 CVE-2021-43949 Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view private objects via a Broken Access Control vulnerability in the Custom Fields feature. The affected versions are before version 4.21.0. Jira_service_management 4.3
2022-01-10 CVE-2021-43951 Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view object import configuration details via an Information Disclosure vulnerability in the Create Object type mapping feature. The affected versions are before version 4.21.0. Jira_service_management 4.3