The Uninstall REST endpoint in Atlassian Universal Plugin Manager before version 2.22.19, from version 3.0.0 before version 3.0.3 and from version 4.0.0 before version 4.0.3 allows remote attackers to uninstall plugins using a Cross-Site Request Forgery (CSRF) vulnerability on an authenticated administrator.
References
Link | Resource |
---|---|
https://ecosystem.atlassian.net/browse/UPM-6044 | Issue Tracking Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: atlassian
Published: 2019-08-22T00:00:00
Updated: 2019-08-23T13:49:47
Reserved: 2019-08-13T00:00:00
Link: CVE-2019-14999
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-08-23T14:15:11.670
Modified: 2019-08-30T13:51:22.690
Link: CVE-2019-14999
JSON object: View
Redhat Information
No data.
CWE