Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to modify several resources (including CsvFieldMappingsPage.jspa and ImporterValueMappingsPage.jspa) via a Cross-Site Request Forgery (CSRF) vulnerability in the jira-importers-plugin. The affected versions are before version 8.13.15, and from version 8.14.0 prior to 8.20.3.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
atlassian jira server |
||
atlassian jira data center |