Vulnerabilities > Atlassian > Jira > 6.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-10 | CVE-2016-4319 | Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Jira Atlassian JIRA Server before 7.1.9 has CSRF in auditing/settings. | 8.8 |
| 2017-04-10 | CVE-2016-4318 | Cross-site Scripting vulnerability in Atlassian Jira Atlassian JIRA Server before 7.1.9 has XSS in project/ViewDefaultProjectRoleActors.jspa via a role name. | 4.8 |
| 2017-01-31 | CVE-2016-6285 | Cross-site Scripting vulnerability in Atlassian Jira Cross-site scripting (XSS) vulnerability in includes/decorators/global-translations.jsp in Atlassian JIRA before 7.2.2 allows remote attackers to inject arbitrary web script or HTML via the HTTP Host header. | 6.1 |