Lucene search
China National Vulnerability DatabaseCNVD-2022-05524HistoryOct 24, 2021 - 12:00 a.m.
Atlassian Jira Code Injection Vulnerability
2021-10-2400:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
0.002 Low
EPSS
Percentile
52.5%
Atlassian Jira is a defect tracking management system from Atlassian Australia. A code injection vulnerability exists in Atlassian Jira, which stems from Atlassian Jira server and data center versions allowing remote attackers to modify various resources through a cross-site request forgery (CSRF) vulnerability, following a disclosure vulnerability in the reference header, which exposes the user’s CSRF token. No detailed vulnerability details are currently available.
| CPE | Name | Operator | Version |
|---|---|---|---|
| Atlassian Jira | lt | 8.5.10 | |
| Atlassian Jira >=8.6.0, | lt | 8.13.2 |
Related
prion
prion
Cross site request forgery (csrf)
2021-10-21 03:15:00
atlassian
atlassian
CSRF token theft through referrer headers - CVE-2021-39126
2020-11-16 00:12:48
CSRF token theft through referrer headers - CVE-2021-39126
2020-11-16 00:12:48
nessus
nessus
Atlassian Jira < 8.5.10 / 8.6.x < 8.13.1 XSRF (JRASERVER-71806)
2022-07-06 00:00:00
cve
cve
CVE-2021-39126
2021-10-21 03:15:07
cvelist
cvelist
CVE-2021-39126
2021-09-14 00:00:00
nvd
nvd
CVE-2021-39126
2021-10-21 03:15:07