• Type: Bug
• Resolution: Fixed
• Priority: Medium
• Fix Version/s: 4.5.4, 4.6.0
• Affects Version/s: 4.5.3
• Component/s: None
• Labels:

  • CVE-2018-13398
  • advisory
  • advisory-released
  • bugbounty
  • csrf
  • cvss-medium
  • security
  • xsrf

[FE-7100] The administrative smart-commits resource was vulnerable to Cross-site request forgery (CSRF) - CVE-2018-13398

Owen made changes - 16/Oct/2018 8:16 AM

Workflow

Original: FE-CRUC Bug Workflow [ 2944352 ]

New: JAC Bug Workflow v3 [ 2957067 ]

Owen made changes - 16/Oct/2018 4:43 AM

Workflow

Original: FECRU Development Workflow - Triage - Restricted [ 2821492 ]

New: FE-CRUC Bug Workflow [ 2944352 ]

David Black made changes - 17/Sep/2018 1:11 PM

Labels

Original: CVE-2018-13398 advisory advisory-to-release bugbounty csrf cvss-medium security xsrf

New: CVE-2018-13398 advisory advisory-released bugbounty csrf cvss-medium security xsrf

David Black made changes - 17/Sep/2018 1:10 PM

Labels

Original: CVE-2018-13398 advisory advisory-to-release bugbounty csrf cvss-medium security

New: CVE-2018-13398 advisory advisory-to-release bugbounty csrf cvss-medium security xsrf

David Black made changes - 17/Sep/2018 1:10 PM

Summary

Original: The administrative smart-commits resource was vulnerable to CSRF - CVE-2018-13398

New: The administrative smart-commits resource was vulnerable to Cross-site request forgery (CSRF) - CVE-2018-13398

David Black made changes - 17/Sep/2018 1:05 PM

Complexity		New: Unknown [ 10450 ]
Fix Version/s		New: 4.6.0 [ 75497 ]
Fix Version/s		New: 4.5.4 [ 81095 ]
Fix Version/s	Original: 4.6.0 [ 74797 ]
Fix Version/s	Original: 4.5.4 [ 80010 ]
Key	Original: FECRU-7626	New: FE-7100
Symptom Severity		New: Major [ 14431 ]
Value		New: Unknown [ 10456 ]
Affects Version/s		New: 4.5.3 [ 78101 ]
Affects Version/s	Original: 4.5.3 [ 78099 ]
Workflow	Original: FECRU Development Workflow [ 2821479 ]	New: FECRU Development Workflow - Triage - Restricted [ 2821492 ]
Project	Original: FishEye Crucible Development [ 12300 ]	New: FishEye [ 11830 ]

David Black made changes - 17/Sep/2018 1:04 PM

Labels

Original: advisory advisory-to-release bugbounty csrf cvss-medium security

New: CVE-2018-13398 advisory advisory-to-release bugbounty csrf cvss-medium security

David Black made changes - 17/Sep/2018 1:04 PM

Summary

Original: The administrative smart-commits resource was vulnerable to CSRF - CVE-2018-

New: The administrative smart-commits resource was vulnerable to CSRF - CVE-2018-13398

David Black made changes - 17/Sep/2018 12:49 PM

Link

New: This issue is related to FECRU-7627 [ FECRU-7627 ]

David Black made changes - 17/Sep/2018 12:49 PM

Link

Original: This issue was cloned as FECRU-7627 [ FECRU-7627 ]

Load more older events