-
Bug
-
Resolution: Fixed
-
High (View bug fix roadmap)
-
7.13.0, 8.1.1
-
7.13
-
Severity 2 - Major
-
Various exposed resources of the ViewLogging class in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allow remote attackers to modify various settings via Cross-site request forgery (CSRF).
- mentioned in
-
Page Failed to load
Form Name |
---|
This is an independent assessment and you should evaluate its applicability to your own IT environment.
CVSS v3 score: 5.4 => Medium severity
Exploitability Metrics
Scope Metric
Impact Metrics
https://asecurityteam.bitbucket.io/cvss_v3/#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L