Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2022-05524
HistoryOct 24, 2021 - 12:00 a.m.

Atlassian Jira Code Injection Vulnerability

2021-10-2400:00:00
China National Vulnerability Database
www.cnvd.org.cn
5

0.002 Low

EPSS

Percentile

52.5%

Atlassian Jira is a defect tracking management system from Atlassian Australia. A code injection vulnerability exists in Atlassian Jira, which stems from Atlassian Jira server and data center versions allowing remote attackers to modify various resources through a cross-site request forgery (CSRF) vulnerability, following a disclosure vulnerability in the reference header, which exposes the user’s CSRF token. No detailed vulnerability details are currently available.

0.002 Low

EPSS

Percentile

52.5%

Related for CNVD-2022-05524