Atlassian Jira Missing Authorization Vulnerability - CVE-2019-15013
Reference:
CVE-2019-15013
Title:
Atlassian Jira Missing Authorization Vulnerability
Overview:
The WorkflowResource class removeStatus method in Jira before version 7.13.12 from version 8.0.0 before version 8.4.3 and from version 8.5.0 before version 8.5.2 allows authenticated remote attackers who do not have project administration access to remove a configured issue status from a project via a missing authorisation check.