Lucene search
Security-metrics-botATLASSIAN:JRASERVER-69791HistoryAug 12, 2019 - 2:42 a.m.
"Cookie Tossing" CSRF weakness against subdomains - CVE-2019-14998
2019-08-1202:42:15
security-metrics-bot
jira.atlassian.com
32
EPSS
0.001
Percentile
47.4%
The Webwork action Cross-Site Request Forgery (CSRF) protection implementation in Jira before version 8.4.0 allows remote attackers to bypass its protection via “cookie tossing” a CSRF cookie from a subdomain of a Jira instance.
Related
prion
prion
Cross site request forgery (csrf)
2019-09-11 14:15:00
atlassian
atlassian
"Cookie Tossing" CSRF weakness against subdomains - CVE-2019-14998
2019-08-12 02:42:15
cvelist
cvelist
CVE-2019-14998
2019-09-11 13:56:26
talos
talos
Atlassian Jira CSRF Protections Bypass Vulnerability
2019-09-16 00:00:00
nvd
nvd
CVE-2019-14998
2019-09-11 14:15:11
cve
cve
CVE-2019-14998
2019-09-11 14:15:11
nessus
nessus
Atlassian JIRA < 8.4.0 Multiple Vulnerabilities
2019-09-20 00:00:00
Atlassian Jira < 8.4.0 Multiple Vulnerabilities
2019-10-09 00:00:00
talosblog
talosblog
Vulnerability Spotlight: Multiple vulnerabilities in Atlassian Jira
2019-09-20 07:26:50