CVE-2019-15002 Information

Description

An exploitable CSRF vulnerability exists in Atlassian Jira from versions 7.6.4 to 8.1.0. The login form doesn’t require a CSRF token. As a result an attacker can log a user into the system under an unexpected account.

Reference

https://jira.atlassian.com/browse/JRASERVER-67979