Vulnerabilities > Atlassian > Hipchat > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-01-09 CVE-2018-1000419 Unspecified vulnerability in Atlassian Hipchat
An improper authorization vulnerability exists in Jenkins HipChat Plugin 2.2.0 and earlier in HipChatNotifier.java that allows attackers with Overall/Read access to obtain credentials IDs for credentials stored in Jenkins.
network
low complexity
atlassian
6.5
6.5
2017-05-05 CVE-2017-8058 Improper Certificate Validation vulnerability in Atlassian Hipchat 3.16.1
Acceptance of invalid/self-signed TLS certificates in Atlassian HipChat before 3.16.2 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept information sent during the login API call.
network
high complexity
atlassian CWE-295
5.9
5.9