Unrated severityNVD Advisory· Published Apr 1, 2021· Updated Sep 17, 2024
CVE-2021-26071
CVE-2021-26071
Description
The SetFeatureEnabled.jspa resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to enable and disable Jira Software configuration via a cross-site request forgery (CSRF) vulnerability.
Affected products
2- Range: unspecified
- Range: unspecified
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- jira.atlassian.com/browse/JRASERVER-72233mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.