Description

The Cross-Site Request Forgery (CSRF) failure retry feature of Atlassian Jira Server and Data Center before version 8.16.0 allows remote attackers who are able to trick a user into retrying a request to bypass CSRF protection and replay a crafted request.

Remediation

References

CVE-2021-39124

Related Vulnerabilities

EspoCRM Relative Path Traversal Vulnerability (CVE-2026-33733)

WordPress Plugin GEO my WordPress Unspecified Vulnerability (2.6.1.1)

WordPress Plugin Flickr Gallery PHP Object Injection (1.5.2)

MediaWiki CVE-2023-45362 Vulnerability (CVE-2023-45362)

Microsoft SQL Server CVE-2023-21713 Vulnerability (CVE-2023-21713)

Severity

High

Classification

CVE-2021-39124 CWE-352

Tags

Missing Update Known Vulnerabilities