Description
Affected versions of Atlassian Jira Server and Data Center allow a remote attacker who has had their access revoked from Jira Service Management to enable and disable Issue Collectors on Jira Service Management projects via an Improper Authentication vulnerability in the /secure/ViewCollectors endpoint. The affected versions are before version 8.19.1.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Download Manager Cross-Site Request Forgery (2.9.60)
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.15)
WordPress Plugin Media Library Assistant Multiple Vulnerabilities (2.65)
OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2178)