4.3
CVSSv2

CVE-2019-8447

Published: 23/08/2019 Updated: 29/08/2019
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 4.3 | Impact Score: 1.4 | Exploitability Score: 2.8
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

The ServiceExecutor resource in Jira before version 8.3.2 allows remote malicious users to trigger the creation of export files via a Cross-site request forgery (CSRF) vulnerability.

Vulnerability Trend

Affected Products

Vendor Product Versions
AtlassianJira7.13.0, 7.13.1, 7.13.2, 7.13.3, 7.13.4, 7.13.5, 7.13.6, 7.13.7, 8.0.0, 8.0.1, 8.0.2, 8.0.3, 8.0.4, 8.1.0, 8.1.1, 8.1.2, 8.2.0, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 8.3.0, 8.3.1