Details
-
Bug
-
Resolution: Fixed
-
Medium
-
None
-
5
-
Description
NOTE: This bug report is for JIRA Cloud. Using JIRA Server? See the corresponding bug report.
The jsp located at /views/importall_result.jsp logs users out without any confirmation (csrf logout!) and it shouldn't do so without user confirmation.
Attachments
Issue Links
- is related to
-
JRASERVER-28073 Import Results action / jsp is susceptible to XSRF
- Closed