The ViewSystemInfo class doGarbageCollection method in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote attackers to trigger garbage collection via a Cross-site request forgery (CSRF) vulnerability.
References
Link | Resource |
---|---|
https://jira.atlassian.com/browse/JRASERVER-69781 | Issue Tracking Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
25 Mar 2022, 17:20
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:* | |
First Time |
Atlassian jira Server
|
Information
Published : 2019-08-23 14:15
Updated : 2023-12-10 12:59
NVD link : CVE-2019-11588
Mitre link : CVE-2019-11588
CVE.ORG link : CVE-2019-11588
JSON object : View
Products Affected
atlassian
- jira_server
- jira
CWE
CWE-352
Cross-Site Request Forgery (CSRF)