Lucene search
AtlassianCVELIST:CVE-2019-11589HistoryAug 13, 2019 - 12:00 a.m.
CVE-2019-11589
2019-08-1300:00:00
atlassian
www.cve.org
1
0.001 Low
EPSS
Percentile
46.8%
The ChangeSharedFilterOwner resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote attackers to attack users, in some cases be able to obtain a user’s Cross-site request forgery (CSRF) token, via a open redirect vulnerability.
CNA Affected
[
{
"product": "Jira",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "7.13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
},
{
"lessThan": "8.2.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "8.3.0",
"versionType": "custom"
},
{
"lessThan": "8.3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2019-11589
2019-08-23 14:15:11
nvd
nvd
CVE-2019-11589
2019-08-23 14:15:11
prion
prion
Cross site request forgery (csrf)
2019-08-23 14:15:00
atlassian
atlassian
Open redirect in the ChangeSharedFilterOwner resource - CVE-2019-11589
2019-08-09 03:42:10
Open redirect in the ChangeSharedFilterOwner resource - CVE-2019-11589
2019-08-09 03:42:10
nessus
nessus
Atlassian JIRA Open Redirect Vulnerabilities
2019-08-28 00:00:00