Unrated severityNVD Advisory· Published Oct 23, 2018· Updated Sep 16, 2024
CVE-2018-13402
CVE-2018-13402
Description
Many resources in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from version 7.12.0 before version 7.12.3, and before version 7.13.1 allow remote attackers to attack users, in some cases be able to obtain a user's Cross-site request forgery (CSRF) token, via a open redirect vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<7.6.9, >=7.7.0 <7.7.5, >=7.8.0 <7.8.5, >=7.9.0 <7.9.3, >=7.10.0 <7.10.3, >=7.11.0 <7.11.3, >=7.12.0 <7.12.3, <7.13.1+ 1 more
- (no CPE)range: <7.6.9, >=7.7.0 <7.7.5, >=7.8.0 <7.8.5, >=7.9.0 <7.9.3, >=7.10.0 <7.10.3, >=7.11.0 <7.11.3, >=7.12.0 <7.12.3, <7.13.1
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
2- www.securityfocus.com/bid/105751mitrevdb-entryx_refsource_BID
- jira.atlassian.com/browse/JRASERVER-68140mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.