Latest Vulnerabilities Affecting Atlassian products

Date	CVE	Title	CVSS
2019-05-22	CVE-2019-3401	Information Leak / Disclosure vulnerability in Atlassian Jira	Medium
2019-05-22	CVE-2019-8443	Improper Access Control vulnerability in Atlassian Jira	Medium
2019-05-22	CVE-2019-3402	Cross-Site Scripting (XSS) vulnerability in Atlassian Jira	Medium
2019-05-22	CVE-2019-3403	Improper Authorization vulnerability in Atlassian Jira	Medium
2019-05-22	CVE-2019-8442	Improper Access Control vulnerability in Atlassian Jira	Medium
2019-05-03	CVE-2018-20824	Cross-Site Scripting (XSS) vulnerability in Atlassian Jira	Medium
2019-05-03	CVE-2019-3400	Cross-Site Scripting (XSS) vulnerability in Atlassian Jira	Medium
2019-04-30	CVE-2019-3399	Information Leak / Disclosure vulnerability in Atlassian Jira	Medium
2019-04-30	CVE-2018-20239	Cross-Site Scripting (XSS) vulnerability in Atlassian Application Links	Low
2019-04-18	CVE-2019-3398	Path Traversal vulnerability in Atlassian Confluence	High
2019-03-29	CVE-2017-18105	Session Fixation vulnerability in Atlassian Crowd	Medium
2019-03-29	CVE-2017-18106	Authentication Issues vulnerability in Atlassian Crowd	Medium
2019-03-29	CVE-2017-18111	Improper Restriction of XML External Entity Reference ('XXE') vulnerability in Atlassian Application Links 5.0.10/5.1.0/5.2.0	Medium
2019-03-29	CVE-2017-18109	URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Atlassian Crowd	Medium
2019-03-29	CVE-2017-18108	Code Injection vulnerability in Atlassian Crowd	Medium

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.