-
Public Security Vulnerability
-
Resolution: Fixed
-
Low (View bug fix roadmap)
-
8.20.2
-
None
-
3
-
Low
-
CVE-2021-43952
Affected versions of Atlassian Jira Server and Data Center allow authenticated remote attackers to restore the default configuration of fields via a Cross-Site Request Forgery (CSRF) vulnerability in the /secure/admin/RestoreDefaults.jspa endpoint.
This bug is currently fixed on Jira 8.21.0.
Non LTS versions < 8.21.0 are still affected.
Previous LTS versions affected by this bug:
- Jira < 8.20.6 and Jira < 8.13.18
The bug fix was backported to the following previous LTS version patches:
- Fixed on Jira 8.20.6 and 8.13.18
- mentioned in
-
Page Failed to load
Default field configuration can be restored via CSRF - CVE-2021-43952
-
-
Resolution: Fixed
-
Low
-
8.20.2
-
None
-
3
-
Low
-
CVE-2021-43952
Affected versions of Atlassian Jira Server and Data Center allow authenticated remote attackers to restore the default configuration of fields via a Cross-Site Request Forgery (CSRF) vulnerability in the /secure/admin/RestoreDefaults.jspa endpoint.
This bug is currently fixed on Jira 8.21.0.
Non LTS versions < 8.21.0 are still affected.
Previous LTS versions affected by this bug:
- Jira < 8.20.6 and Jira < 8.13.18
The bug fix was backported to the following previous LTS version patches:
- Fixed on Jira 8.20.6 and 8.13.18
- mentioned in
-
Page Loading...
-
Unassigned
-
Security Metrics Bot
- Votes:
-
0 Vote for this issue
- Watchers:
-
16 Start watching this issue
- Created:
- Updated:
- Resolved: