Bamboo CVEs and Security Vulnerabilities - OpenCVE

Filtered by vendor Atlassian Subscriptions

Filtered by product Bamboo Subscriptions

Search

Switch to Advanced Search (Beta)

Total 24 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2017-18080	1 Atlassian	1 Bamboo	2024-11-21	N/A
The saveConfigureSecurity resource in Atlassian Bamboo before version 6.3.1 allows remote attackers to modify security settings via a Cross-site request forgery (CSRF) vulnerability.
CVE-2017-18042	1 Atlassian	1 Bamboo	2024-11-21	N/A
The update user administration resource in Atlassian Bamboo before version 6.3.1 allows remote attackers to modify user data including passwords via a Cross-site request forgery (CSRF) vulnerability.
CVE-2017-18041	1 Atlassian	1 Bamboo	2024-11-21	N/A
The viewDeploymentVersionJiraIssuesDialog resource in Atlassian Bamboo before version 6.2.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a release.
CVE-2017-18040	1 Atlassian	1 Bamboo	2024-11-21	N/A
The viewDeploymentVersionCommits resource in Atlassian Bamboo before version 6.2.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a release.

« first previous Page 2 of 2.