Unrated severityNVD Advisory· Published Aug 23, 2019· Updated Sep 17, 2024
CVE-2019-14999
CVE-2019-14999
Description
The Uninstall REST endpoint in Atlassian Universal Plugin Manager before version 2.22.19, from version 3.0.0 before version 3.0.3 and from version 4.0.0 before version 4.0.3 allows remote attackers to uninstall plugins using a Cross-Site Request Forgery (CSRF) vulnerability on an authenticated administrator.
Affected products
2<2.22.19 || >=3.0.0 <3.0.3 || >=4.0.0 <4.0.3+ 1 more
- (no CPE)range: <2.22.19 || >=3.0.0 <3.0.3 || >=4.0.0 <4.0.3
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
1- ecosystem.atlassian.net/browse/UPM-6044mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.