Unrated severityNVD Advisory· Published Sep 11, 2019· Updated Sep 16, 2024
CVE-2019-14998
CVE-2019-14998
Description
The Webwork action Cross-Site Request Forgery (CSRF) protection implementation in Jira before version 8.4.0 allows remote attackers to bypass its protection via "cookie tossing" a CSRF cookie from a subdomain of a Jira instance.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- jira.atlassian.com/browse/JRASERVER-69791mitrex_refsource_CONFIRM
- www.talosintelligence.com/vulnerability_reports/TALOS-2019-0835mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.