Description

The Setup Wizard in Atlassian JIRA Enterprise Edition before 3.12.1 does not properly restrict setup attempts after setup is complete, which allows remote attackers to change the default language.

Remediation

References

CVE-2007-6619

Related Vulnerabilities

WordPress Plugin Breadcrumbs by menu Multiple Vulnerabilities (1.0.1)

WordPress Plugin Author Bio Box Cross-Site Scripting (3.3.1)

Ruby CVE-2019-15845 Vulnerability (CVE-2019-15845)

Drupal Improper Input Validation Vulnerability (CVE-2022-24775)

Joomla! Core Multiple Vulnerabilities (2.5.0 - 3.8.12)

Severity

High

Classification

CVE-2007-6619 CWE-264

Tags

Missing Update Known Vulnerabilities