CVE-2019-20401

Summary

Various installation setup resources in Jira before version 8.5.2 allow remote attackers to configure a Jira instance, which has not yet finished being installed, via Cross-site request forgery (CSRF) vulnerabilities.

Affected Software

VendorProductVersion RangeStatus
AtlassianJira Serverunspecified < 8.5.2affected

Weaknesses

  • Cross-Site Request Forgery (CSRF)

ADP Enrichment

CVE Program Container

Additional References

References