CVE-2019-11588

Summary

The ViewSystemInfo class doGarbageCollection method in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote attackers to trigger garbage collection via a Cross-site request forgery (CSRF) vulnerability.

Affected Software

VendorProductVersion RangeStatus
AtlassianJiraunspecified < 7.13.6affected
AtlassianJira8.0.0 < unspecifiedaffected
AtlassianJiraunspecified < 8.2.3affected
AtlassianJira8.3.0 < unspecifiedaffected
AtlassianJiraunspecified < 8.3.2affected

Weaknesses

  • Cross-Site Request Forgery (CSRF)

ADP Enrichment

CVE Program Container

Additional References

References