Description

The Cross-Site Request Forgery (CSRF) failure retry feature of Atlassian Jira Server and Data Center before version 8.16.0 allows remote attackers who are able to trick a user into retrying a request to bypass CSRF protection and replay a crafted request.

Remediation

References

CVE-2021-39124

Related Vulnerabilities

WordPress Plugin TaxoPress-Create and Manage Taxonomies, Tags, Categories Cross-Site Scripting (3.0.7.1)

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-33943)

PostgreSQL Other Vulnerability (CVE-2000-1199)

Liferay Portal Improper Authentication Vulnerability (CVE-2021-29047)

Chamilo Other Vulnerability (CVE-2023-34962)

Severity

High

Classification

CVE-2021-39124 CWE-352

Tags

Missing Update Known Vulnerabilities