Atlassian
Monthly
Two-factor authentication bypass in syracom AG Secure Login (2FA) plugin 3.4.0.x for Atlassian Jira, Confluence, and Bitbucket allows an attacker holding valid first-factor credentials to skip the 2FA challenge entirely by injecting strings like 'AtlassianMobileApp' or 'JIRA' into the HTTP User-Agent header. The plugin treats such requests as mobile-app traffic and waives 2FA enforcement on protected web resources, effectively neutralizing the security control the plugin exists to provide. No public exploit identified at time of analysis, but the technique is trivial to reproduce from the public advisory text.
Server-Side Request Forgery in GeoServer's XML entity resolution allows unauthenticated remote attackers to cause the server to issue HTTP requests to unintended internal or external endpoints. Affected are GeoServer deployments running versions up to 2.26.3 and 2.27.0-2.27.2 that have both a proxy base URL configured without a trailing slash and ENTITY_RESOLUTION_ALLOWLIST active - the default since 2.25.0. No public exploit or CISA KEV listing exists at time of analysis, but the CVSS vector scores high confidentiality impact, making this a meaningful risk for deployments where GeoServer has network adjacency to internal services or cloud metadata endpoints.
Arbitrary file write in GeoServer's Master Password Dump web page allows an authenticated administrator to write attacker-controlled content to any absolute filesystem path the GeoServer process can write to, including JSP files in a Tomcat webapps directory. Because GeoServer enforces no maximum master password length, an admin can embed malicious JSP code into the master password and dump it to an executable location, escalating to remote code execution on the host. No public exploit identified at time of analysis and the issue is not in CISA KEV.
Remote code execution in GeoServer (versions prior to 2.27.0) with the DB2 extension installed allows authenticated administrators to perform a JNDI injection attack via a crafted DB2 JDBC connection URL submitted through the Vector Data Sources page, ultimately triggering Java deserialization of untrusted data and arbitrary code execution. No public exploit identified at time of analysis, and the vulnerability is not on CISA KEV, but the attack pattern follows well-known JNDI/Log4Shell-style RCE techniques. Risk is meaningful only where the DB2 extension is deployed and an administrative account is reachable.
Information disclosure in XWiki Platform's LiveTableResults macro allows unauthenticated remote attackers to reconstruct user password hashes and salts one bit at a time by sending approximately 768 crafted requests with manipulated class-per-property parameters. This is a bypass of the prior fix for GHSA-5cf8-vrr8-8hjm, which failed to account for an alternate parameter path. No public exploit is identified at time of analysis, but the technique is fully described in the vendor advisory.
Path traversal in XWiki Platform's WebJars API enables a subwiki admin who can publish and install a malicious WebJar extension to write arbitrary files anywhere on the server filesystem. The affected Maven component `xwiki-platform-webjars-api` fails to validate that JAR entry paths extracted during extension installation remain within the intended export directory, allowing overwrite of configuration files or potential superadmin credential manipulation. No public exploit is identified and no CISA KEV listing exists; vendor-released patches are available across three version branches.
Cross-Site Request Forgery in GitLab CE/EE allows an unauthenticated attacker to create unauthorized Jira subscriptions within a targeted authenticated user's namespace by tricking the victim into clicking a specially crafted link. All GitLab installations from version 11.10 through the pre-patch 18.x releases are affected across both Community and Enterprise editions. No public exploit exists and this is not listed in CISA KEV; however, the broad version range spanning over seven years of releases and the prevalence of Jira integrations in enterprise GitLab deployments make patching a meaningful priority.
GitLab's Jira integration exposes out-of-scope Jira issues to authenticated GitLab users across all editions (CE and EE) from version 13.7 through the patched releases, due to the integration's project-scope filter operating only as a UI display control rather than an enforced access boundary. The Changed scope (S:C) in the CVSS vector reflects that impact crosses into Atlassian Jira - a component outside GitLab's own trust domain - allowing confidential Jira issue data to leak beyond intended project boundaries. No public exploit exists and no active exploitation has been confirmed; EPSS is negligible at 0.01% (3rd percentile), placing this firmly in low-exploitation-probability territory despite a broad version range spanning over five years of releases.
Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network.
Server-side request forgery combined with missing authentication in firefighter-incident Python package allows unauthenticated remote attackers to exfiltrate AWS IAM credentials from cloud metadata endpoints. The `/api/v2/firefighter/raid/jira_bot` endpoint accepts arbitrary URLs in the `attachments` parameter, fetches them server-side without validation, and uploads responses as Jira attachments — enabling SSRF against internal services including `http://169.254.169.254/` (AWS EC2 Instance Metadata Service). Vendor-released patch (version 0.0.54) enforces authentication and validates attachment URLs to block private/link-local/loopback addresses. No public exploit identified at time of analysis, but exploitation is trivial given detailed advisory with exact vulnerable code paths.
The camel-infinispan component's ProtoStream-based remote aggregation repository deserializes data read from a remote Infinispan cache using java.io.ObjectInputStream without applying any ObjectInputFilter. An attacker who can write to the Infinispan cache used by a Camel application can inject a crafted serialized Java object that, when read during normal aggregation repository operations such as get or recover, results in arbitrary code execution in the context of the application. This issue affects Apache Camel: from 4.0.0 before 4.14.7, from 4.15.0 before 4.18.2, from 4.19.0 before 4.20.0. Users are recommended to upgrade to version 4.20.0, which fixes the issue. If users are on the 4.14.x LTS releases stream, then they are suggested to upgrade to 4.14.7. If users are on the 4.18.x releases stream, then they are suggested to upgrade to 4.18.2. The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23322 refers to the various commits that resolved the issue, and have more details. This issue follows the same class of vulnerability previously addressed in CVE-2024-22369, CVE-2024-23114 and CVE-2026-25747.
Remote code execution in Atlassian Bamboo Data Center versions 9.6.0 through 12.1.0 allows authenticated attackers to execute arbitrary OS commands via command injection vulnerability. The attack requires low-privilege authentication (PR:L) but no user interaction, enabling complete system compromise across confidentiality, integrity, and availability with cross-scope impact (SC:H/SI:H/SA:H indicating container escape or lateral movement potential). Atlassian has released patches for three major version branches (9.6.25, 10.2.18, 12.1.6). No active exploitation confirmed in CISA KEV at time of analysis, though the authenticated nature and critical CVSS 9.4 score warrant immediate patching for internet-exposed instances with broad user access.
Improper authorization in GitLab CE/EE Jira Connect integration allows authenticated users with minimal workspace permissions to steal installation credentials and impersonate the GitLab application. Affects versions 14.3 through 18.8.6, 18.9.0-18.9.2, and 18.10.0. Vendor-released patches available in versions 18.8.7, 18.9.3, and 18.10.1. High CVSS score (8.1) reflects significant confidentiality and integrity impact with low attack complexity. No public exploit identified at time of analysis, though detailed disclosure exists via HackerOne report.
Remote code execution in Atlassian Bamboo Data Center versions 9.6.0 through 12.1.0 allows authenticated attackers with high privileges to execute arbitrary code on affected systems with a CVSS score of 8.6. The vulnerability impacts multiple major versions with no patch currently available, requiring immediate upgrade to patched releases such as 9.6.24, 10.2.16, or 12.1.3. Organizations unable to upgrade should prioritize access controls for high-privileged accounts until remediation is possible.
LibreChat versions 0.8.2 through 0.8.2-rc3 contain an authentication bypass vulnerability in the Model Context Protocol (MCP) OAuth callback endpoint that allows attackers to steal OAuth tokens by tricking victims into completing an OAuth flow, resulting in account takeover of the victim's MCP-linked services like Atlassian and Outlook. No active exploitation is known (not in KEV), no POC is publicly available, and EPSS data is not yet available for this newly disclosed vulnerability.
MCP Atlassian server has a path traversal vulnerability enabling unauthorized access to Confluence and Jira data outside the intended scope.
Unauthenticated attackers can abuse the MCP Atlassian server to perform arbitrary outbound HTTP requests by manipulating HTTP headers, enabling credential theft from cloud instance metadata endpoints or internal network reconnaissance without requiring authentication. The vulnerability exists in the HTTP middleware layer prior to version 0.17.0, affecting Atlassian Confluence and Jira deployments. No patch is currently available.
XXE injection in Atlassian Crowd Data Center and Server 7.1.0+ enables authenticated attackers to read local and remote files, significantly compromising confidentiality and availability. The vulnerability requires high privileges to exploit but accepts no user interaction, affecting multiple Crowd versions until patching to 7.1.3 or later. No patch is currently available for all affected versions.
XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Prior to 1.27.1, the macro executes Velocity from the details pages without checking for permissions, which can lead to remote code execution. This vulnerability is fixed in 1.27.1.
XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the channel which allows attackers to create channel subscription without proper access to the channel via API. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Mattermost Confluence Plugin version <1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to create channel subscription endpoint with an invalid. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Mattermost Confluence Plugin version <1.5.0 fails to enforce authentication of the user to the Mattermost instance which allows unauthenticated attackers to edit channel subscriptions via API call to. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Mattermost Confluence Plugin version <1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to server webhook endpoint with an invalid request body. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the Confluence space which allows attackers to create a subscription for a Confluence space the user does not have. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the channel which allows attackers to create a channel subscription without proper access to the channel via API. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the channel which allows attackers to get channel subscription details without proper access to the channel via. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Mattermost Confluence Plugin version <1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to server webhook endpoint with an invalid request body. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Mattermost Confluence Plugin version <1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to update channel subscription endpoint with an invalid. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Mattermost Confluence Plugin version <1.5.0 fails to enforce authentication of the user to the Mattermost instance which allows unauthenticated attackers to access subscription details without via. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the Confluence space which allows attackers to edit a subscription for a Confluence space the user does not have. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Mattermost Confluence Plugin version <1.5.0 fails to check the authorization of the user to the Mattermost instance which allows attackers to create a channel subscription without proper. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the channel which allows attackers to get channel subscription details without proper access to the channel via. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Akeles Out of Office Assistant for Jira 4.0.1 is vulberable to Cross Site Scripting (XSS) via the Jira fullName parameter.
In JetBrains TeamCity before 2025.03.2 stored XSS via Jira integration was possible. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
This High severity PrivEsc (Privilege Escalation) vulnerability was introduced in versions: 9.12.0, 10.3.0, 10.4.0, and 10.5.0 of Jira Core Data Center and Server 5.12.0, 10.3.0, 10.4.0, and 10.5.0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.
Mattermost versions 10.4.x <= 10.4.2, 10.5.x <= 10.5.0, 9.11.x <= 9.11.9 fail to restrict domains the LLM can request to contact upstream which allows an authenticated user to exfiltrate data from an. Rated low severity (CVSS 3.0), this vulnerability is remotely exploitable. No vendor patch available.
The XWiki JIRA extension provides various integration points between XWiki and JIRA (macros, UI, CKEditor plugin). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
An authenticated stored cross-site scripting (XSS) vulnerability in The Plugin People Enterprise Mail Handler for Jira Data Center (JEMH) before v4.1.69-dc allows attackers with Administrator. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
XWiki Confluence Migrator Pro helps admins to import confluence packages into their XWiki instance. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
XWiki Confluence Migrator Pro helps admins to import confluence packages into their XWiki instance. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
matrix-hookshot is a Matrix bot for connecting to external services like GitHub, GitLab, JIRA, and more. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
@codidact/qpixel is a Q&A-based community knowledge-sharing software. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Two-factor authentication bypass in syracom AG Secure Login (2FA) plugin 3.4.0.x for Atlassian Jira, Confluence, and Bitbucket allows an attacker holding valid first-factor credentials to skip the 2FA challenge entirely by injecting strings like 'AtlassianMobileApp' or 'JIRA' into the HTTP User-Agent header. The plugin treats such requests as mobile-app traffic and waives 2FA enforcement on protected web resources, effectively neutralizing the security control the plugin exists to provide. No public exploit identified at time of analysis, but the technique is trivial to reproduce from the public advisory text.
Server-Side Request Forgery in GeoServer's XML entity resolution allows unauthenticated remote attackers to cause the server to issue HTTP requests to unintended internal or external endpoints. Affected are GeoServer deployments running versions up to 2.26.3 and 2.27.0-2.27.2 that have both a proxy base URL configured without a trailing slash and ENTITY_RESOLUTION_ALLOWLIST active - the default since 2.25.0. No public exploit or CISA KEV listing exists at time of analysis, but the CVSS vector scores high confidentiality impact, making this a meaningful risk for deployments where GeoServer has network adjacency to internal services or cloud metadata endpoints.
Arbitrary file write in GeoServer's Master Password Dump web page allows an authenticated administrator to write attacker-controlled content to any absolute filesystem path the GeoServer process can write to, including JSP files in a Tomcat webapps directory. Because GeoServer enforces no maximum master password length, an admin can embed malicious JSP code into the master password and dump it to an executable location, escalating to remote code execution on the host. No public exploit identified at time of analysis and the issue is not in CISA KEV.
Remote code execution in GeoServer (versions prior to 2.27.0) with the DB2 extension installed allows authenticated administrators to perform a JNDI injection attack via a crafted DB2 JDBC connection URL submitted through the Vector Data Sources page, ultimately triggering Java deserialization of untrusted data and arbitrary code execution. No public exploit identified at time of analysis, and the vulnerability is not on CISA KEV, but the attack pattern follows well-known JNDI/Log4Shell-style RCE techniques. Risk is meaningful only where the DB2 extension is deployed and an administrative account is reachable.
Information disclosure in XWiki Platform's LiveTableResults macro allows unauthenticated remote attackers to reconstruct user password hashes and salts one bit at a time by sending approximately 768 crafted requests with manipulated class-per-property parameters. This is a bypass of the prior fix for GHSA-5cf8-vrr8-8hjm, which failed to account for an alternate parameter path. No public exploit is identified at time of analysis, but the technique is fully described in the vendor advisory.
Path traversal in XWiki Platform's WebJars API enables a subwiki admin who can publish and install a malicious WebJar extension to write arbitrary files anywhere on the server filesystem. The affected Maven component `xwiki-platform-webjars-api` fails to validate that JAR entry paths extracted during extension installation remain within the intended export directory, allowing overwrite of configuration files or potential superadmin credential manipulation. No public exploit is identified and no CISA KEV listing exists; vendor-released patches are available across three version branches.
Cross-Site Request Forgery in GitLab CE/EE allows an unauthenticated attacker to create unauthorized Jira subscriptions within a targeted authenticated user's namespace by tricking the victim into clicking a specially crafted link. All GitLab installations from version 11.10 through the pre-patch 18.x releases are affected across both Community and Enterprise editions. No public exploit exists and this is not listed in CISA KEV; however, the broad version range spanning over seven years of releases and the prevalence of Jira integrations in enterprise GitLab deployments make patching a meaningful priority.
GitLab's Jira integration exposes out-of-scope Jira issues to authenticated GitLab users across all editions (CE and EE) from version 13.7 through the patched releases, due to the integration's project-scope filter operating only as a UI display control rather than an enforced access boundary. The Changed scope (S:C) in the CVSS vector reflects that impact crosses into Atlassian Jira - a component outside GitLab's own trust domain - allowing confidential Jira issue data to leak beyond intended project boundaries. No public exploit exists and no active exploitation has been confirmed; EPSS is negligible at 0.01% (3rd percentile), placing this firmly in low-exploitation-probability territory despite a broad version range spanning over five years of releases.
Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network.
Server-side request forgery combined with missing authentication in firefighter-incident Python package allows unauthenticated remote attackers to exfiltrate AWS IAM credentials from cloud metadata endpoints. The `/api/v2/firefighter/raid/jira_bot` endpoint accepts arbitrary URLs in the `attachments` parameter, fetches them server-side without validation, and uploads responses as Jira attachments — enabling SSRF against internal services including `http://169.254.169.254/` (AWS EC2 Instance Metadata Service). Vendor-released patch (version 0.0.54) enforces authentication and validates attachment URLs to block private/link-local/loopback addresses. No public exploit identified at time of analysis, but exploitation is trivial given detailed advisory with exact vulnerable code paths.
The camel-infinispan component's ProtoStream-based remote aggregation repository deserializes data read from a remote Infinispan cache using java.io.ObjectInputStream without applying any ObjectInputFilter. An attacker who can write to the Infinispan cache used by a Camel application can inject a crafted serialized Java object that, when read during normal aggregation repository operations such as get or recover, results in arbitrary code execution in the context of the application. This issue affects Apache Camel: from 4.0.0 before 4.14.7, from 4.15.0 before 4.18.2, from 4.19.0 before 4.20.0. Users are recommended to upgrade to version 4.20.0, which fixes the issue. If users are on the 4.14.x LTS releases stream, then they are suggested to upgrade to 4.14.7. If users are on the 4.18.x releases stream, then they are suggested to upgrade to 4.18.2. The JIRA ticket: https://issues.apache.org/jira/browse/CAMEL-23322 refers to the various commits that resolved the issue, and have more details. This issue follows the same class of vulnerability previously addressed in CVE-2024-22369, CVE-2024-23114 and CVE-2026-25747.
Remote code execution in Atlassian Bamboo Data Center versions 9.6.0 through 12.1.0 allows authenticated attackers to execute arbitrary OS commands via command injection vulnerability. The attack requires low-privilege authentication (PR:L) but no user interaction, enabling complete system compromise across confidentiality, integrity, and availability with cross-scope impact (SC:H/SI:H/SA:H indicating container escape or lateral movement potential). Atlassian has released patches for three major version branches (9.6.25, 10.2.18, 12.1.6). No active exploitation confirmed in CISA KEV at time of analysis, though the authenticated nature and critical CVSS 9.4 score warrant immediate patching for internet-exposed instances with broad user access.
Improper authorization in GitLab CE/EE Jira Connect integration allows authenticated users with minimal workspace permissions to steal installation credentials and impersonate the GitLab application. Affects versions 14.3 through 18.8.6, 18.9.0-18.9.2, and 18.10.0. Vendor-released patches available in versions 18.8.7, 18.9.3, and 18.10.1. High CVSS score (8.1) reflects significant confidentiality and integrity impact with low attack complexity. No public exploit identified at time of analysis, though detailed disclosure exists via HackerOne report.
Remote code execution in Atlassian Bamboo Data Center versions 9.6.0 through 12.1.0 allows authenticated attackers with high privileges to execute arbitrary code on affected systems with a CVSS score of 8.6. The vulnerability impacts multiple major versions with no patch currently available, requiring immediate upgrade to patched releases such as 9.6.24, 10.2.16, or 12.1.3. Organizations unable to upgrade should prioritize access controls for high-privileged accounts until remediation is possible.
LibreChat versions 0.8.2 through 0.8.2-rc3 contain an authentication bypass vulnerability in the Model Context Protocol (MCP) OAuth callback endpoint that allows attackers to steal OAuth tokens by tricking victims into completing an OAuth flow, resulting in account takeover of the victim's MCP-linked services like Atlassian and Outlook. No active exploitation is known (not in KEV), no POC is publicly available, and EPSS data is not yet available for this newly disclosed vulnerability.
MCP Atlassian server has a path traversal vulnerability enabling unauthorized access to Confluence and Jira data outside the intended scope.
Unauthenticated attackers can abuse the MCP Atlassian server to perform arbitrary outbound HTTP requests by manipulating HTTP headers, enabling credential theft from cloud instance metadata endpoints or internal network reconnaissance without requiring authentication. The vulnerability exists in the HTTP middleware layer prior to version 0.17.0, affecting Atlassian Confluence and Jira deployments. No patch is currently available.
XXE injection in Atlassian Crowd Data Center and Server 7.1.0+ enables authenticated attackers to read local and remote files, significantly compromising confidentiality and availability. The vulnerability requires high privileges to exploit but accepts no user interaction, affecting multiple Crowd versions until patching to 7.1.3 or later. No patch is currently available for all affected versions.
XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Prior to 1.27.1, the macro executes Velocity from the details pages without checking for permissions, which can lead to remote code execution. This vulnerability is fixed in 1.27.1.
XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the channel which allows attackers to create channel subscription without proper access to the channel via API. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Mattermost Confluence Plugin version <1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to create channel subscription endpoint with an invalid. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Mattermost Confluence Plugin version <1.5.0 fails to enforce authentication of the user to the Mattermost instance which allows unauthenticated attackers to edit channel subscriptions via API call to. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Mattermost Confluence Plugin version <1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to server webhook endpoint with an invalid request body. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the Confluence space which allows attackers to create a subscription for a Confluence space the user does not have. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the channel which allows attackers to create a channel subscription without proper access to the channel via API. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the channel which allows attackers to get channel subscription details without proper access to the channel via. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Mattermost Confluence Plugin version <1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to server webhook endpoint with an invalid request body. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Mattermost Confluence Plugin version <1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to update channel subscription endpoint with an invalid. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Mattermost Confluence Plugin version <1.5.0 fails to enforce authentication of the user to the Mattermost instance which allows unauthenticated attackers to access subscription details without via. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the Confluence space which allows attackers to edit a subscription for a Confluence space the user does not have. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Mattermost Confluence Plugin version <1.5.0 fails to check the authorization of the user to the Mattermost instance which allows attackers to create a channel subscription without proper. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the channel which allows attackers to get channel subscription details without proper access to the channel via. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Akeles Out of Office Assistant for Jira 4.0.1 is vulberable to Cross Site Scripting (XSS) via the Jira fullName parameter.
In JetBrains TeamCity before 2025.03.2 stored XSS via Jira integration was possible. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
This High severity PrivEsc (Privilege Escalation) vulnerability was introduced in versions: 9.12.0, 10.3.0, 10.4.0, and 10.5.0 of Jira Core Data Center and Server 5.12.0, 10.3.0, 10.4.0, and 10.5.0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.
Mattermost versions 10.4.x <= 10.4.2, 10.5.x <= 10.5.0, 9.11.x <= 9.11.9 fail to restrict domains the LLM can request to contact upstream which allows an authenticated user to exfiltrate data from an. Rated low severity (CVSS 3.0), this vulnerability is remotely exploitable. No vendor patch available.
The XWiki JIRA extension provides various integration points between XWiki and JIRA (macros, UI, CKEditor plugin). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
An authenticated stored cross-site scripting (XSS) vulnerability in The Plugin People Enterprise Mail Handler for Jira Data Center (JEMH) before v4.1.69-dc allows attackers with Administrator. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
XWiki Confluence Migrator Pro helps admins to import confluence packages into their XWiki instance. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
XWiki Confluence Migrator Pro helps admins to import confluence packages into their XWiki instance. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
matrix-hookshot is a Matrix bot for connecting to external services like GitHub, GitLab, JIRA, and more. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
@codidact/qpixel is a Q&A-based community knowledge-sharing software. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.