Description

The IncomingMailServers resource in Atlassian Jira before version 7.6.2 allows remote attackers to modify the "incoming mail" whitelist setting via a Cross-site request forgery (CSRF) vulnerability.

Remediation

References

CVE-2017-16862

Related Vulnerabilities

WordPress Plugin WordPress Photo Gallery-Image Gallery Cross-Site Request Forgery (1.0.6)

Plone CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-21336)

Jenkins Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-21607)

SharePoint CVE-2021-24071 Vulnerability (CVE-2021-24071)

WordPress Plugin FlightLog SQL Injection (3.0.2)

Severity

Medium

Classification

CVE-2017-16862 CWE-352

Tags

Missing Update Known Vulnerabilities