atlassian | security-metrics-bot | ATLASSIAN:JRASERVER-68139
Oct 23, 2018 - 12:13 a.m.

Open redirect in the XsrfErrorAction resource - CVE-2018-13401

2018-10-23 00:13:22
security-metrics-bot
jira.atlassian.com

EPSS: 0.001 (Low), Percentile: 42.0%

The XsrfErrorAction resource in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from version 7.12.0 before version 7.12.3, and before version 7.13.1 allows remote attackers to obtain a user’s Cross-site request forgery (CSRF) token through an open redirect vulnerability.
