Headline
CVE-2021-43953: [JRASERVER-73170] CSRF allows toggling Thread Contention and CPU Monitoring - CVE-2021-43953
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to toggle the Thread Contention and CPU monitoring settings via a Cross-Site Request Forgery (CSRF) vulnerability in the /secure/admin/ViewInstrumentation.jspa endpoint. The affected versions are before version 8.21.0.
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to toggle the Thread Contention and CPU monitoring settings via a Cross-Site Request Forgery (CSRF) vulnerability in the /secure/admin/ViewInstrumentation.jspa endpoint.
The affected versions are before version 8.21.0.
Affected versions:
- version < 8.21.0
Fixed versions:
- 8.21.0