Details
-
Bug
-
Resolution: Fixed
-
Medium
-
None
-
4.3
-
Description
A number of actions in JIRA were vulnerable to CSRF as they performed no token checking. These actions are protected by websudo, which makes exploiting them impossible.