CVE-2021-39124

Name of the Vulnerable Software and Affected Versions Atlassian Jira Server and Data Center versions prior to 8.16.0

Description The issue allows remote attackers to bypass Cross-Site Request Forgery (CSRF) protection by tricking a user into retrying a request, enabling them to replay a crafted request.

Recommendations For versions prior to 8.16.0, update to version 8.16.0 or later to resolve the issue. As a temporary workaround, consider restricting user interaction with the CSRF failure retry feature until a patch is applied.