Lucene search
PRIOn knowledge basePRION:CVE-2021-39126HistoryOct 21, 2021 - 3:15 a.m.
Cross site request forgery (csrf)
2021-10-2103:15:00
PRIOn knowledge base
www.prio-n.com
2
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to modify various resources via a Cross-Site Request Forgery (CSRF) vulnerability, following an Information Disclosure vulnerability in the referrer headers which discloses a user’s CSRF token. The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.1.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jira_data_center | ge | 8.6.0 | |
| jira_data_center | lt | 8.13.1 | |
| jira_data_center | lt | 8.5.10 | |
| jira_server | ge | 8.6.0 | |
| jira_server | lt | 8.13.1 | |
| jira_server | lt | 8.5.10 |
Related
atlassian
atlassian
CSRF token theft through referrer headers - CVE-2021-39126
2020-11-16 00:12:48
CSRF token theft through referrer headers - CVE-2021-39126
2020-11-16 00:12:48
cnvd
cnvd
Atlassian Jira Code Injection Vulnerability
2021-10-24 00:00:00
nvd
nvd
CVE-2021-39126
2021-10-21 03:15:07
nessus
nessus
Atlassian Jira < 8.5.10 / 8.6.x < 8.13.1 XSRF (JRASERVER-71806)
2022-07-06 00:00:00
cve
cve
CVE-2021-39126
2021-10-21 03:15:07
cvelist
cvelist
CVE-2021-39126
2021-09-14 00:00:00