Unrated severityNVD Advisory· Published Dec 11, 2019· Updated Sep 17, 2024
CVE-2019-15009
CVE-2019-15009
Description
The /json/profile/removeStarAjax.do resource in Atlassian Fisheye and Crucible before version 4.8.0 allows remote attackers to remove another user's favourite setting for a project via an improper authorization vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4Patches
Vulnerability mechanics
References
2- jira.atlassian.com/browse/CRUC-8443mitrex_refsource_MISC
- jira.atlassian.com/browse/FE-7252mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.