WEB APPLICATION VULNERABILITIES Standard & Premium

Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-11587)

Description

Various exposed resources of the ViewLogging class in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allow remote attackers to modify various settings via Cross-site request forgery (CSRF).

Remediation

References

Related Vulnerabilities

WordPress Plugin Seriously Simple Podcasting Cross-Site Request Forgery (2.16.0)

WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Cross-Site Scripting (1.5.22)

Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2021-26690)

WordPress Plugin Revive Old Post-Auto Post to Social Media 'cat' Parameter SQL Injection (3.2.5)

IBM WebSEAL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2019-4156)

Severity

Medium

Classification

CVE-2019-11587 CWE-352

Tags

Missing Update Known Vulnerabilities