Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Atlassian Subscribe
Filtered by product Bamboo
Total 24 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-18080 1 Atlassian 1 Bamboo 2024-11-21 6.8 MEDIUM 8.8 HIGH
The saveConfigureSecurity resource in Atlassian Bamboo before version 6.3.1 allows remote attackers to modify security settings via a Cross-site request forgery (CSRF) vulnerability.
CVE-2017-18042 1 Atlassian 1 Bamboo 2024-11-21 6.8 MEDIUM 8.8 HIGH
The update user administration resource in Atlassian Bamboo before version 6.3.1 allows remote attackers to modify user data including passwords via a Cross-site request forgery (CSRF) vulnerability.
CVE-2017-18041 1 Atlassian 1 Bamboo 2024-11-21 3.5 LOW 5.4 MEDIUM
The viewDeploymentVersionJiraIssuesDialog resource in Atlassian Bamboo before version 6.2.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a release.
CVE-2017-18040 1 Atlassian 1 Bamboo 2024-11-21 3.5 LOW 5.4 MEDIUM
The viewDeploymentVersionCommits resource in Atlassian Bamboo before version 6.2.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a release.