CVE-2019-11588

The ViewSystemInfo class doGarbageCollection method in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote attackers to trigger garbage collection via a Cross-site request forgery (CSRF) vulnerability.

Published: Aug 23, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-11588
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.3
AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P

CWEs:

CWE-352

Affected Software
References

Software	From	Fixed in
atlassian / jira	-	7.13.6
atlassian / jira_server	8.3.0	8.3.2
atlassian / jira_server	8.0.0	8.2.3

https://jira.atlassian.com/browse/JRASERVER-69781

Vulnerability Database

289,784

CVE-2019-11588