Atlassian Jira Service is the server version of an IT service desk and request tracking system from Atlassian Australia. The Atlassian Jira Server is vulnerable to cross-site request forgery, which stems from an application/secure/admin/ViewInstrumentation.jspa endpoint that does not adequately validate that the request is from a trusted user. An attacker could exploit this vulnerability to toggle thread contention and CPU monitoring settings.
CPE | Name | Operator | Version |
---|---|---|---|
atlassian jira server < | eq | 8.21.0 |