Description
The Jira-importers-plugin in Atlassian Jira before version 7.6.1 allows remote attackers to create new projects and abort an executing external system import via various Cross-site request forgery (CSRF) vulnerabilities.
Remediation
References
Related Vulnerabilities
WordPress Plugin XML Sitemap & Google News feeds Cross-Site Scripting (4.5)
Jenkins Resource Management Errors Vulnerability (CVE-2014-3661)
Internet Information Services Other Vulnerability (CVE-2001-0337)
WordPress Plugin AdRotate-Ad manager & AdSense Ads SQL Injection (5.8.3.1)
Zope Web Application Server Other Vulnerability (CVE-2000-0483)