Description

The ForgotLoginDetails resource in Atlassian Jira before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0 before version 7.8.4 and from version 7.9.0 before version 7.9.2 allows remote attackers to perform a denial of service attack via sending requests to it.

Remediation

References

CVE-2018-5231

Related Vulnerabilities

WordPress Plugin Style Kits-Advanced Theme Styles for Elementor Cross-Site Request Forgery (1.8.0)

DataTables Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-36713)

Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3093)

OpenSSL Cryptographic Issues Vulnerability (CVE-2012-2686)

Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2212)

Severity

High

Classification

CVE-2018-5231

Tags

Missing Update Known Vulnerabilities