Description
The Jira-importers-plugin in Atlassian Jira before version 7.6.1 allows remote attackers to create new projects and abort an executing external system import via various Cross-site request forgery (CSRF) vulnerabilities.
Affected products
- Atlassian / JiraAll versions before 7.6.1 – All versions before 7.6.1