-
Type:
Bug
-
Resolution: Fixed
-
Priority:
Medium
-
Component/s: None
-
4.3
A number of actions in JIRA were vulnerable to CSRF as they performed no token checking. These actions are protected by websudo, which makes exploiting them impossible.