Uploaded image for project: 'Jira Server and Data Center'
  1. Jira Server and Data Center
  2. JRASERVER-66643

Various Cross-site request forgery(CSRF) vulnerabilities in the Jira-importers-plugin - CVE-2017-18033

    XMLWordPrintable

    Details

      Description

      The Jira-importers-plugin in Atlassian Jira before version 7.6.1 allows remote attackers to create new projects and abort an executing external system import via various Cross-site request forgery (CSRF) vulnerabilities.

        Attachments

          Activity

            People

            Assignee:
            Unassigned
            Reporter:
            security-metrics-bot SecurityB
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: