Vulnerability Database

309,364

Total vulnerabilities in the database

CVE-2018-5231

The ForgotLoginDetails resource in Atlassian Jira before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0 before version 7.8.4 and from version 7.9.0 before version 7.9.2 allows remote attackers to perform a denial of service attack via sending requests to it.

Published: May 16, 2018
Updated: Nov 9, 2025
CVE: CVE-2018-5231
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
atlassian / jira	-	7.6.6
atlassian / jira_server	7.7.0	7.7.4
atlassian / jira_server	7.9.0	7.9.2
atlassian / jira_server	7.8.0	7.8.4

http://www.securityfocus.com/bid/104205
https://jira.atlassian.com/browse/JRASERVER-67290

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo