CVE-2023-22501: Authentication Vulnerability Discovered in Jira Service Management Server and Data Center, Allowing Attackers to Impersonate Users and Gain Access
Introduction: A newly discovered authentication vulnerability (CVE-2023-22501) affects Jira Service Management Server and Data Center, potentially allowing attackers to impersonate users and gain access to
CVE-2022-3572 - GitLab CE/EE Cross-Site Scripting Vulnerability in Jira Connect Integration Markdown-Formatted
A recent discovery reveals that GitLab CE/EE (Community Edition/Enterprise Edition) has a cross-site scripting (XSS) vulnerability, identified as CVE-2022-3572, that affects a wide
CVE-2022-2761: An Information Disclosure Issue in GitLab CE/EE Affecting Versions 14.4 Prior to 15.3.5, 15.4 Prior to 15.4.4, and 15.5 Prior to 15.5.2
---
The Common Vulnerabilities and Exposures (CVE) has identified a new information disclosure issue, identified as CVE-2022-2761, in GitLab Community Edition (CE) and Enterprise Edition
CVE-2022-39960 The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks
An attacker with control over a victim’s Jira instance could use this flaw to export all groups from the Jira instance to a remote
CVE-2022-38367 The Netic User Export add-on before 2.0.6 for Atlassian Jira does not perform authorization checks
This issue has been fixed in Jira 7.0.6 and later. Additionally, the LDAP Authenticated Users permission gives full control over the LDAP server
Episode
00:00:00
00:00:00