Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Atlassian — Vulnerabilities & Security Advisories 399

Browse all 399 CVE security advisories affecting Atlassian. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Atlassian provides enterprise collaboration and project management software, primarily serving development teams through platforms like Jira and Confluence. With 399 recorded Common Vulnerabilities and Exposures (CVEs), the company’s software has historically been susceptible to critical security flaws, including Remote Code Execution (RCE), Cross-Site Scripting (XSS), and privilege escalation vulnerabilities. These issues often stem from improper input validation or authentication bypasses within their web interfaces and APIs. Notable incidents include the 2022 Jira Service Management vulnerability that allowed unauthenticated attackers to execute arbitrary code, highlighting risks associated with exposed administrative endpoints. The high volume of CVEs reflects the complexity of their extensive feature set and frequent updates, necessitating rigorous patch management and strict access controls for organizations relying on these tools for sensitive operational data and workflow automation.

Top products by Atlassian: Jira Server Jira Confluence Data Center Confluence Server Fisheye and Crucible Crucible Bitbucket Server Jira Align Jira Server and Data Center Crowd Fisheye Bamboo Jira Service Management Server Confluence Sourcetree for Windows Bamboo Data Center Application Links Bitbucket Data Center Jira Service Desk Server Atlassian Fisheye and Crucible Sourcetree for macOS Universal Plugin Manager Crowd Data Center Sourcetree for Mac Atlassian Application Links Companion App Confluence Questions Bamboo Server Jira Core Server Atlassian Connect Spring Boot (ACSB)
CVE IDTitleCVSSSeverityPublished
CVE-2018-20236 Atlassian Sourcetree 命令注入漏洞 — Sourcetree for Windows 8.8 -2019-03-08
CVE-2018-20240 Atlassian Fisheye和Crucible 跨站脚本漏洞 — Fisheye and Crucible 6.1 -2019-02-20
CVE-2018-20241 Atlassian Fisheye和Crucible 跨站脚本漏洞 — Fisheye and Crucible 5.4 -2019-02-20
CVE-2018-13403 Atlassian Jira 跨站脚本漏洞 — Jira 5.4 -2019-02-13
CVE-2018-13404 Atlassian Jira 代码问题漏洞 — Jira 4.1 -2019-02-13
CVE-2018-20232 Atlassian Jira 跨站脚本漏洞 — Jira 5.4 -2019-02-13
CVE-2018-20237 Atlassian Confluence Server 信息泄露漏洞 — Confluence Server 6.5 -2019-02-13
CVE-2018-20238 Atlassian Crowd 设计错误漏洞 — Crowd 8.1 -2019-02-13
CVE-2018-20233 Atlassian Universal Plugin Manager 安全漏洞 — Universal Plugin Manager 6.5 -2019-01-18
CVE-2018-13396 Atlassian Sourcetree 安全漏洞 — Sourcetree for macOS 9.8 -2018-11-05
CVE-2018-13397 Atlassian Sourcetree 安全漏洞 — Sourcetree for Windows 9.8 -2018-11-05
CVE-2018-13400 Atlassian JIRA 访问控制错误漏洞 — Jira 6.0 -2018-10-23
CVE-2018-13401 Atlassian JIRA 安全漏洞 — Jira 4.7 -2018-10-23
CVE-2018-13402 Atlassian JIRA 安全漏洞 — Jira 6.1 -2018-10-23
CVE-2018-13399 Atlassian Fisheye和Crucible 安全漏洞 — Fisheye and Crucible 7.8 -2018-10-16
CVE-2018-13398 Atlassian Fisheye和Crucible 跨站请求伪造漏洞 — Fisheye and Crucible 6.5 -2018-09-18
CVE-2018-13391 Atlassian JIRA Server ProfileLinkUserFormat组件安全漏洞 — Jira 5.3 -2018-08-28
CVE-2018-13395 Atlassian JIRA 跨站脚本漏洞 — Jira 6.1 -2018-08-28
CVE-2018-13393 Atlassian Confluence Questions 跨站请求伪造漏洞 — Confluence Questions 4.3 -2018-08-15
CVE-2018-13394 Atlassian Confluence Questions 跨站请求伪造漏洞 — Confluence Questions 4.3 -2018-08-15
CVE-2018-13392 Atlassian Fisheye和Crucible 跨站脚本漏洞 — Fisheye and Crucible 6.1 -2018-08-13
CVE-2018-13390 Cloudtoken 安全漏洞 — cloudtoken 8.2 -2018-08-10
CVE-2017-18104 Atlassian Jira Webhooks组件安全漏洞 — Jira 5.9 -2018-07-24
CVE-2018-13385 Atlassian Sourcetree for macOS 安全漏洞 — Sourcetree for macOS 8.1 -2018-07-24
CVE-2018-13386 Atlassian Sourcetree for Windows 参数注入漏洞 — Sourcetree for Windows 8.1 -2018-07-24
CVE-2017-18103 Atlassian-http库输入验证漏洞 — atlassian-http 4.7 -2018-07-18
CVE-2018-5232 Atlassian Jira 跨站脚本漏洞 — Jira 6.1 -2018-07-18
CVE-2018-13387 Atlassian JIRA Server 跨站脚本漏洞 — Jira 6.1 -2018-07-16
CVE-2018-5229 Atlassian Universal Plugin Manager 跨站脚本漏洞 — Universal Plugin Manager 5.4 -2018-07-16
CVE-2018-13388 Atlassian Fisheye和Crucible 跨站脚本漏洞 — Fisheye and Crucible 5.4 -2018-07-10

This page lists every published CVE security advisory associated with Atlassian. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.