{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T04:36:04.775","vulnerabilities":[{"cve":{"id":"CVE-2019-11589","sourceIdentifier":"security@atlassian.com","published":"2019-08-23T14:15:11.407","lastModified":"2024-11-21T04:21:23.850","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The ChangeSharedFilterOwner resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote attackers to attack users, in some cases be able to obtain a user's Cross-site request forgery (CSRF) token, via a open redirect vulnerability."},{"lang":"es","value":"El recurso ChangeSharedFilterOwner en Jira antes de la versión 7.13.6, de la versión 8.0.0 antes de la versión 8.2.3, y de la versión 8.3.0 antes de la versión 8.3.2 permite que los atacantes remotos ataquen a los usuarios, en algunos casos pueden obtener el Cross de un usuario token de falsificación de solicitud de sitio (CSRF), a través de una vulnerabilidad de redireccionamiento abierto.r en Jira antes de la versión 7.13.6, de la versión 8.0.0 antes de la versión 8.2.3, y de la versión 8.3.0 antes de la versión 8.3.2 permite que los atacantes remotos ataquen a los usuarios, en algunos casos pueden obtener el Cross de un usuario token de falsificación de solicitud de sitio (CSRF), a través de una vulnerabilidad de redireccionamiento abierto."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:N","baseScore":5.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-601"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*","versionStartIncluding":"7.13.0","versionEndExcluding":"7.13.6","matchCriteriaId":"2FED3DB9-E64F-4E15-B91A-03B408E4EA4C"},{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0","versionEndExcluding":"8.2.3","matchCriteriaId":"F665F2DD-7C62-43CB-8FEB-2DB1521D8A87"},{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*","versionStartIncluding":"8.3.0","versionEndExcluding":"8.3.2","matchCriteriaId":"55DBB75B-F9FF-435E-B392-99F61ABBD6C5"}]}]}],"references":[{"url":"https://jira.atlassian.com/browse/JRASERVER-69780","source":"security@atlassian.com","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://jira.atlassian.com/browse/JRASERVER-69780","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Vendor Advisory"]}]}}]}