Description
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to restore the default configuration of fields via a Cross-Site Request Forgery (CSRF) vulnerability in the /secure/admin/RestoreDefaults.jspa endpoint. The affected versions are before version 8.21.0.
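A log check for the endpoint named above, as an added example that is not part of the original advisory: it flags requests to /secure/admin/RestoreDefaults.jspa whose Referer is missing or points off-site, which is how a forged cross-site request typically appears in an access log. The combined log format, the host name `jira.example.com` and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

ENDPOINT = "/secure/admin/RestoreDefaults.jspa"  # endpoint named in the advisory
JIRA_HOST = "jira.example.com"                   # assumption: host users reach Jira on

# Assumed combined log format:
# ip - user [time] "METHOD target proto" status size "referer" "agent"
LINE_RE = re.compile(
    r'^\S+ \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)"'
)

# Constructed sample lines, not taken from a real system.
SAMPLE_LOG = [
    '10.0.0.5 - admin [12/Jan/2022:10:01:02 +0000] "POST /secure/admin/RestoreDefaults.jspa HTTP/1.1" 302 0 "https://jira.example.com/secure/admin/" "Mozilla/5.0"',
    '10.0.0.5 - admin [12/Jan/2022:10:07:41 +0000] "POST /secure/admin/RestoreDefaults.jspa HTTP/1.1" 302 0 "https://forum.example.net/thread/42" "Mozilla/5.0"',
    '10.0.0.9 - admin2 [12/Jan/2022:11:15:09 +0000] "GET /secure/admin/RestoreDefaults.jspa?id=1 HTTP/1.1" 200 812 "-" "Mozilla/5.0"',
    '10.0.0.9 - admin2 [12/Jan/2022:11:16:00 +0000] "GET /secure/Dashboard.jspa HTTP/1.1" 200 9001 "-" "Mozilla/5.0"',
]

def suspicious_restore_requests(lines, jira_host=JIRA_HOST):
    """Return hits on ENDPOINT whose Referer is absent or not jira_host."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # unparseable line: skip rather than guess
        # Compare the bare path: drop the query string and any ;path-parameters.
        # endswith() tolerates a context path in front of /secure.
        path = urlsplit(m["target"]).path.split(";", 1)[0]
        if not path.lower().endswith(ENDPOINT.lower()):
            continue
        referer = m["referer"]
        ref_host = "" if referer in ("", "-") else (urlsplit(referer).hostname or "")
        if ref_host.lower() == jira_host.lower():
            continue  # request came from a page on the Jira site itself
        # A missing Referer can also be a privacy setting, so treat it as a lead.
        findings.append({"time": m["time"], "user": m["user"], "method": m["method"],
                         "status": m["status"], "referer": referer})
    return findings

if __name__ == "__main__":
    for hit in suspicious_restore_requests(SAMPLE_LOG):
        print(hit)
```

Each hit should be correlated with field-configuration changes around the same timestamp before it is treated as an incident.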
Remediation
References