VYPR
Unrated severityNVD Advisory· Published Aug 23, 2019· Updated Sep 17, 2024

CVE-2019-14999

CVE-2019-14999

Description

The Uninstall REST endpoint in Atlassian Universal Plugin Manager before version 2.22.19, from version 3.0.0 before version 3.0.3 and from version 4.0.0 before version 4.0.3 allows remote attackers to uninstall plugins using a Cross-Site Request Forgery (CSRF) vulnerability on an authenticated administrator.

Affected products

2
  • <2.22.19 || >=3.0.0 <3.0.3 || >=4.0.0 <4.0.3+ 1 more
    • (no CPE)range: <2.22.19 || >=3.0.0 <3.0.3 || >=4.0.0 <4.0.3
    • (no CPE)range: unspecified

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.