Vulnerabilities > Atlassian > Jira Service Management > 4.22.3

DATE CVE VULNERABILITY TITLE RISK
2022-06-30 CVE-2022-26135 Server-Side Request Forgery (SSRF) vulnerability in Atlassian products
A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated user (including a user who joined via the sign-up feature) to perform a full read server-side request forgery via a batch endpoint.
network
low complexity
atlassian CWE-918
4.0
4.0
2019-07-26 CVE-2019-13990 XXE vulnerability in multiple products
initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.
network
low complexity
softwareag oracle apache netapp atlassian CWE-611
critical
 9.8
9.8