cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-26136,https://securityvulnerability.io/vulnerability/CVE-2022-26136,Remote Authentication Bypass Vulnerability in Atlassian Products,"A vulnerability affecting various Atlassian products allows an unauthenticated remote attacker to bypass Servlet Filters utilized by both first and third party applications. The potential impact varies based on the specific filters employed by the applications, leading to possible authentication bypass and cross-site scripting (XSS) exploits. While Atlassian has deployed updates to address the root cause, the comprehensive implications of this vulnerability may not be fully disclosed, highlighting the importance of applying the latest security updates.",Atlassian,"Bamboo Server,Bamboo Data Center,Bitbucket Server,Bitbucket Data Center,Confluence Server,Confluence Data Center,Crowd Server,Crowd Data Center,Crucible,Fisheye,Jira Core Server,Jira Software Server,Jira Software Data Center,Jira Service Management Server,Jira Service Management Data Center",9.8,CRITICAL,0.008580000139772892,false,,false,false,false,,,false,false,,2022-07-20T00:00:00.000Z,0
CVE-2022-26137,https://securityvulnerability.io/vulnerability/CVE-2022-26137,CORS Bypass Vulnerability in Atlassian Products,"A vulnerability in multiple Atlassian products enables a remote attacker to exploit Cross-origin resource sharing (CORS) by sending specially crafted HTTP requests. This can result in unauthorized access to vulnerable applications, permitting the attacker to utilize the permissions of a tricked user who visits a malicious URL. Affected versions of products, including Bamboo, Bitbucket, Confluence, Crowd, Fisheye, Crucible, Jira, and Jira Service Management, must be updated to mitigate this risk.",Atlassian,"Bamboo Server,Bamboo Data Center,Bitbucket Server,Bitbucket Data Center,Confluence Server,Confluence Data Center,Crowd Server,Crowd Data Center,Crucible,Fisheye,Jira Core Server,Jira Software Server,Jira Software Data Center,Jira Service Management Server,Jira Service Management Data Center",8.8,HIGH,0.003659999929368496,false,,false,false,false,,,false,false,,2022-07-20T00:00:00.000Z,0
CVE-2022-26135,https://securityvulnerability.io/vulnerability/CVE-2022-26135,Server-Side Request Forgery in Atlassian Jira Server and Data Center,"A vulnerability in the Mobile Plugin for Jira Data Center and Server allows a remote, authenticated user to exploit a server-side request forgery through a batch endpoint. This flaw permits unauthorized data access, potentially leading to exposure of sensitive information. Affected versions include specific ranges in Jira Server and Data Center, as well as Jira Management Server and Data Center, highlighting the urgency for users to upgrade to secure versions to mitigate risks.",Atlassian,"Jira Core Server,Jira Software Server,Jira Software Data Center,Jira Service Management Server,Jira Service Management Data Center",6.5,MEDIUM,0.027809999883174896,false,,false,false,true,2022-07-07T08:28:02.000Z,true,false,false,,2022-06-30T06:15:00.000Z,0
CVE-2022-0540,https://securityvulnerability.io/vulnerability/CVE-2022-0540,Authentication Bypass in Atlassian Jira Server and Data Center,"A vulnerability in Atlassian's Jira Seraph allows remote, unauthenticated attackers to bypass authentication mechanisms through specially crafted HTTP requests. This issue affects multiple versions of Jira Server and Data Center and also impacts Jira Service Management. Administrators are advised to update their installations to the latest versions to mitigate potential exploitation of this vulnerability.",Atlassian,"Jira Core Server,Jira Software Server,Jira Software Data Center,Jira Service Management Server,Jira Service Management Data Center",9.8,CRITICAL,0.1531900018453598,false,,false,false,true,2022-05-25T10:47:04.000Z,true,false,false,,2022-04-20T00:00:00.000Z,0