Atlassian Jira Software Server CVE-2021-26071 Cross Site Request Forgery Vulnerability

description-logoDescription

The SetFeatureEnabled.jspa resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to enable and disable Jira Software configuration via a cross-site request forgery (CSRF) vulnerability.

affected-products-logoAffected Applications

Jira Software Server

CVE References

CVE-2021-26071