Description

The ChangeSharedFilterOwner resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote attackers to attack users, in some cases be able to obtain a user's Cross-site request forgery (CSRF) token, via a open redirect vulnerability.

Remediation

References

CVE-2019-11589

Related Vulnerabilities

Internet Information Services Other Vulnerability (CVE-1999-1544)

WordPress Plugin Revamp CRM for WooCommerce Local File Inclusion (1.0.3)

WordPress Plugin Booking Multiple Vulnerabilities (2.5)

Atlassian Jira CVE-2020-4029 Vulnerability (CVE-2020-4029)

osCommerce Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-18572)

Severity

Medium

Classification

CVE-2019-11589 CWE-601 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities