Description
Various exposed resources of the ViewLogging class in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allow remote attackers to modify various settings via Cross-site request forgery (CSRF).
Remediation
References
Related Vulnerabilities
WordPress Plugin Simple Fields Cross-Site Scripting (1.4.11)
WordPress Plugin Post Index Cross-Site Request Forgery (0.7.5)
OpenSSL Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2022-0778)
WordPress Plugin Drag and Drop Multiple File Upload-Contact Form 7 Arbitrary File Upload (1.3.5.4)
Rukovoditel Cleartext Storage of Sensitive Information Vulnerability (CVE-2020-11821)