Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-66643

Various Cross-site request forgery(CSRF) vulnerabilities in the Jira-importers-plugin - CVE-2017-18033

    XMLWordPrintable

Details

    Description

      The Jira-importers-plugin in Atlassian Jira before version 7.6.1 allows remote attackers to create new projects and abort an executing external system import via various Cross-site request forgery (CSRF) vulnerabilities.

      Attachments

        Activity

          People

            Unassigned Unassigned
            security-metrics-bot Security Metrics Bot
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: