Description
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to toggle the Thread Contention and CPU monitoring settings via a Cross-Site Request Forgery (CSRF) vulnerability in the /secure/admin/ViewInstrumentation.jspa endpoint. The affected versions are before version 8.21.0.
Remediation
References
Related Vulnerabilities
WordPress Plugin BetterDocs-Best Documentation & Knowledge Base Cross-Site Scripting (1.8.4)
WordPress Plugin Qiniu Uploader Cross-Site Scripting (0.1)
WordPress Plugin Events Registration with PayPal IPN Multiple SQL Injection Vulnerabilities (2.1.2)
WordPress Plugin WordPress Download Manager Cross-Site Request Forgery (2.9.60)