CSRF in the ServiceExecutor resource - CVE-2019-8447

2019-08-0903:20:44

security-metrics-bot

jira.atlassian.com

0.001 Low

EPSS

Percentile

32.6%

JSON

The ServiceExecutor resource in Jira before version 8.3.2 allows remote attackers to trigger the creation of export files via a Cross-site request forgery (CSRF) vulnerability.

CPENameOperatorVersion
jira server and data centerle7.13.0
jira server and data centerlt8.3.2
jira server and data centerlt8.4.0
jira server and data centerlt7.13.12
jira server and data centerle8.2.1

Name	Operator	Version
jira server and data center	le	7.13.0
jira server and data center	lt	8.3.2
jira server and data center	lt	8.4.0
jira server and data center	lt	7.13.12
jira server and data center	le	8.2.1

0.001 Low

EPSS

Percentile

32.6%

JSON

Related for ATLASSIAN:JRASERVER-69776