Description
The WorkflowResource class removeStatus method in Jira before version 7.13.12, from version 8.0.0 before version 8.4.3, and from version 8.5.0 before version 8.5.2 allows authenticated remote attackers who do not have project administration access to remove a configured issue status from a project via a missing authorisation check.
Remediation
References
Related Vulnerabilities
CrushFTP Server Deserialization of Untrusted Data Vulnerability (CVE-2017-14035)
Roundcube Unspesificed Vulnerability (CVE-2018-9846)
WordPress Plugin Active Directory Integration/LDAP Integration Cross-Site Scripting (3.6.94)
WordPress Plugin Keydatas Arbitrary File Upload (2.5.2)
Python Uncontrolled Resource Consumption Vulnerability (CVE-2021-3737)