The /auditing/settings resource was vulnerable to [CSRF|https://en.wikipedia.org/wiki/Cross-site_request_forgery] attacks.
CPE | Name | Operator | Version |
---|---|---|---|
jira (including jira core) | lt | 1000.35.0 Cloud | |
jira (including jira core) | lt | 7.1.9 Server | |
jira (including jira core) | le | 7.1.4 |