PT-2025-6281 · Atlassian · Jira
David Black
·
Published
2019-05-14
·
Updated
2025-02-11
·
CVE-2019-15002
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Atlassian Jira versions 7.6.4 through 8.1.0
Description:
A CSRF issue exists due to the login form not requiring a CSRF token. This allows an attacker to log a user into the system under an unexpected account.
Recommendations:
For Atlassian Jira versions 7.6.4 through 8.1.0, update to a version that includes a fix for this issue to prevent CSRF attacks.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Jira