Loading...

XML

Word

Printable

Details

Type: Public Security Vulnerability
Resolution: Fixed
Priority: Low
Fix Version/s: 8.16.0
Affects Version/s: 8.15.0
Component/s: None
Labels:

CVSS Score:
4.3
CVSS Severity:
Medium
CVE ID:
CVE-2021-39124

Description

The Cross-Site Request Forgery (CSRF) failure retry feature of Atlassian Jira Server and Data Center before version 8.16.0 allows remote attackers who are able to trick a user into retrying a request to bypass CSRF protection and replay a crafted request.

*Affected versions:*

version < 8.16.0

*Fixed versions:*

8.16.0

Attachments

Issue Links

mentioned in: Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...

(1 mentioned in)

Activity

People

Assignee:: Unassigned

Reporter:: Security Metrics Bot

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: 01/Sep/2021 11:49 PM

Updated:: 03/Oct/2022 6:11 PM

Resolved:: 14/Sep/2021 4:22 AM