Security Vulnerabilities
This page lists all security vulnerabilities found via our Bug Bounty program.
Priority | Affected apps/website | Status | Disclosed date | Fixed date |
|---|---|---|---|---|
P3 | Quick Filters for Jira Dashboards | FIXED | Apr 16 2025 | Apr 18 2025 |
P3 | Quick Filters for Jira Dashboards | FIXED | Nov 18 2024 | Nov 20 2024 |
P4 | External Data for Jira Fields | FIXED | Oct 29 2024 | Oct 30 2024 |
P4 | External Data for Jira Fields | FIXED | Oct 16 2024 | Oct 20 2024 |
P3 | Comment History Log for Jira | FIXED | Sep 26 2024 | Sep 27 2024 |
P3 | Deep Clone for Jira | FIXED | Jul 19 2024 | Jul 22 2024 |
P3 | External Data for Jira Fields | FIXED | Jul 19 2024 | Jul 19 2024 |
P4 | Deep Clone for Jira | FIXED | Jul 19 2024 | Jul 19 2024 |
P3 | Version Sync for Jira | FIXED | Jul 18 2024 | Jul 19 2024 |
P4 | Advanced Bulk Edit for Jira | FIXED | Jul 18 2024 | Jul 18 2024 |
P3 | External Data for Jira Fields | FIXED | Jul 11 2024 | Jul 12 2024 |
P3 | External Data for Jira Fields | FIXED | Jul 11 2024 | Jul 11 2024 |
P3 | Advanced Bulk Edit for Jira | FIXED | Jul 11 2024 | Jul 11 2024 |
P2 | Slack for Confluence | FIXED | Jul 11 2024 | Jul 11 2024 |
P3 | Slack for Confluence | FIXED | Jul 09 2024 | Jul 10 2024 |
P3 | Merge Agent for Jira | FIXED | Jun 24 2024 | Jun 25 2024 |
P3 | Comment History Log for Jira | FIXED | Jun 24 2024 | Jun 24 2024 |
P3 | Merge Agent for Jira | FIXED | Jun 24 2024 | Jun 24 2024 |
P3 | Quick Filters for Jira Dashboards | FIXED | May 12 2023 | May 12 2023 |
P3 | (Quick Filters for Jira Dashboards) *1 | FIXED | May 02 2023 | May 02 2023 |
P3 | Deep Clone for Jira | FIXED | Apr 28 2023 | May 03 2023 |
P3 | Deep Clone for Jira | FIXED | Apr 28 2023 | May 02 2023 |
P3 | External Data for Confluence | FIXED | Apr 20 2023 | Apr 24 2023 |
P4 | Deep Clone for Jira | FIXED | Jul 27 2022 | Jul 27 2022 |
P4 | External Data for Jira Fields | FIXED | Oct 04 2021 | Oct 06 2021 |
P3 | Deep Clone for Jira | FIXED | Sep 22 2021 | Sep 27 2021 |
P4 | External Data for Jira Fields | FIXED | Apr 04 2021 | Apr 06 2021 |
P3 | Deep Clone for Jira | FIXED | Mar 26 2021 | Mar 29 2021 |
P3 | Deep Clone for Jira | FIXED | Feb 04 2021 | Feb 06 2021 |
P3 | Deep Clone for Jira | FIXED | Feb 04 2021 | Feb 05 2021 |
P4 | Quick Filters for Jira Dashboards | FIXED | Jan 07 2021 | Jan 07 2021 |
P3 | Slack for Confluence | FIXED | Nov 03 2020 | Nov 04 2020 |
P3 | External Data for Jira Fields | FIXED | Nov 02 2020 | Nov 03 2020 |
P4 | External Data for Jira Fields | FIXED | Jul 22 2020 | Jul 27 2020 |
P2 | Comment Custom Fields for Jira | FIXED | May 06 2020 | May 07 2020 |
P4 | codefortynine.atlassian.net | FIXED | Apr 10 2020 | Apr 10 2020 |
P3 | Deep Clone for Jira | FIXED | Mar 09 2020 | Mar 09 2020 |
P3 | Deep Clone for Jira | FIXED | Mar 05 2020 | Mar 06 2020 |
*1 Vulnerability is fixed, however the vulnerability was only possible due to a bug within Jira. As of 2023-06-19, it is now fixed in Jira as well and we clarified with Atlassian that it should be redirected to the Atlassian bug bounty program for similar cases in the future.
The priority is determined as follows:
Priority | Severity | CVSS v3 Score Range |
|---|---|---|
P4 | Low | 0.1-3.9 |
P3 | Medium | 4.0-6.9 |
P2 | High | 7.0-8.9 |
P1 | Critical | 9.0-10.0 |