UploadAction.execute vulnerable to CSRF

2013-10-29T06:54:09
ID ATLASSIAN:CONFSERVER-31401
Type atlassian
Reporter psaw
Modified 2018-10-11T09:02:51

Description

Sub-issue from CONF-27960.

UploadAction.execute (upload.action) does not have CSRF protection.