|
223291
|
5.4 |
MEDIUM
Network
|
atlassian
|
jira
jira_software_data_center
jira_server
jira_data_center
|
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in Issue Navigator Basic Search…
|
CWE-79
Cross-site Scripting
|
CVE-2019-20414
|
2024-11-21 13:38 |
2020-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223292
|
7.5 |
HIGH
Network
|
atlassian
|
jira
jira_software_data_center
jira_server
jira_data_center
|
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability on the UserPickerBrowser.jspa pa…
|
NVD-CWE-noinfo
|
CVE-2019-20413
|
2024-11-21 13:38 |
2020-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223293
|
5.3 |
MEDIUM
Network
|
atlassian
|
jira
jira_software_data_center
jira_server
jira_data_center
|
The Convert Sub-Task to Issue page in affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate the following information via an Improper Authentication vulnerabi…
|
CWE-287
Improper Authentication
|
CVE-2019-20412
|
2024-11-21 13:38 |
2020-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223294
|
4.3 |
MEDIUM
Network
|
atlassian
|
jira
jira_server
jira_data_center
|
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to modify Wallboard settings via a Cross-site request forgery (CSRF) vulnerability. The affected versions are before …
|
CWE-352
Origin Validation Error
|
CVE-2019-20411
|
2024-11-21 13:38 |
2020-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223295
|
6.5 |
MEDIUM
Network
|
atlassian
|
jira
jira_software_data_center
jira_server
jira_data_center
|
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view sensitive information via an Information Disclosure vulnerability in the comment restriction feature. The aff…
|
NVD-CWE-noinfo
|
CVE-2019-20410
|
2024-11-21 13:38 |
2020-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223296
|
9.8 |
CRITICAL
Network
|
atlassian
|
jira_software_data_center
jira
|
The way in which velocity templates were used in Atlassian Jira Server and Data Center prior to version 8.8.0 allowed remote attackers to gain remote code execution if they were able to exploit a ser…
|
CWE-74
Injection
|
CVE-2019-20409
|
2024-11-21 13:38 |
2020-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223297
|
8.1 |
HIGH
Network
|
intelliants
|
subrion
|
A Cross-Site Request Forgery (CSRF) vulnerability was discovered in Subrion CMS 4.2.1 that allows a remote attacker to remove files on the server without a victim's knowledge, by enticing an authenti…
|
CWE-352
Origin Validation Error
|
CVE-2019-20390
|
2024-11-21 13:38 |
2020-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223298
|
6.1 |
MEDIUM
Network
|
intelliants
|
subrion
|
An XSS issue was identified on the Subrion CMS 4.2.1 /panel/configuration/general settings page. A remote attacker can inject arbitrary JavaScript code in the v[language_switch] parameter (within mul…
|
CWE-79
Cross-site Scripting
|
CVE-2019-20389
|
2024-11-21 13:38 |
2020-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223299
|
6.1 |
MEDIUM
Network
|
atlassian
|
confluence_server
|
The attachment-uploading feature in Atlassian Confluence Server from version 6.14.0 through version 6.14.3, and version 6.15.0 before version 6.15.5 allows remote attackers to achieve stored cross-si…
|
CWE-79
Cross-site Scripting
|
CVE-2019-20102
|
2024-11-21 13:38 |
2020-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223300
|
4.8 |
MEDIUM
Network
|
netgear
|
rbr50_firmware
rbk50_firmware
rbs50_firmware
|
Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
|
CWE-79
Cross-site Scripting
|
CVE-2019-20661
|
2024-11-21 13:38 |
2020-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
