Loading...

XML

Word

Printable

Details

Type: Public Security Vulnerability
Resolution: Fixed
Priority: Low
Fix Version/s: 8.13.1, 8.5.10
Affects Version/s: 8.13.0, 7.13.18
Component/s: None
Labels:

CVSS Score:
6.3
CVSS Severity:
Medium
CVE ID:
CVE-2021-39126

Description

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to modify various resources via a Cross-Site Request Forgery (CSRF) vulnerability, following an Information Disclosure vulnerability in the referrer headers which discloses a user's CSRF token.

The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.1.

Affected versions:

version < 8.5.10
8.6.0 ≤ version < 8.13.1

Fixed versions:

8.5.10
8.13.1

Attachments

Issue Links

is detailed by: VULN-189403 Loading...

mentioned in: Page Loading...; Page Loading...; Page Loading...; Page Loading...

Activity

People

Assignee:: Unassigned

Reporter:: Security Metrics Bot

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 16/Nov/2020 12:12 AM

Updated:: 26/Oct/2023 3:16 PM

Resolved:: 21/Oct/2021 2:41 AM