Description

The ChangeSharedFilterOwner resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote attackers to attack users, in some cases be able to obtain a user's Cross-site request forgery (CSRF) token, via a open redirect vulnerability.

Remediation

References

CVE-2019-11589

Related Vulnerabilities

Joomla! Core Multiple Vulnerabilities (2.5.0 - 3.8.12)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-0211)

WordPress Plugin Testimonial Slider Multiple Cross-Site Scripting Vulnerabilities (1.2.5)

OpenSSL Out-of-bounds Read Vulnerability (CVE-2023-1255)

Joomla Improper Input Validation Vulnerability (CVE-2006-1957)

Severity

Medium

Classification

CVE-2019-11589 CWE-601 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities