Details
-
Suggestion
-
Resolution: Done
-
None
Description
GHCreateNewIssue.jspa is not protected against XSRF attacks.
Impact: It is possible for an attacker to make a victim create new issues on the victim's JIRA instance through this bug in GHCreateNewIssue.jspa.
Attachments
Issue Links
- has a derivative of
-
JSWCLOUD-6355 XSRF in com.pyxis.greenhopper.jira.actions.VersionBoardAction
- Closed
-
JSWCLOUD-6356 XSRF com.pyxis.greenhopper.jira.actions.TaskBoardAction
- Closed
There are no Sub-Tasks for this issue.