Description
Affected versions of Atlassian Jira Server and Data Center allow a remote attacker who has had their access revoked from Jira Service Management to enable and disable Issue Collectors on Jira Service Management projects via an Improper Authentication vulnerability in the /secure/ViewCollectors endpoint. The affected versions are before version 8.19.1.
Remediation
References