cvedb.io
CVE-2023-30607
MEDIUM · CVSS 5
EPSS exploitation probability: 0%
Published 2023-07-05T18:15:10.070 · Last modified 2026-06-17T05:55:07.360

Summary

icingaweb2-module-jira provides integration with Atlassian Jira. Starting in version 1.3.0 and prior to version 1.3.2, template and field configuration forms perform the deletion action before user input is validated, including the cross site request forgery token. This issue is fixed in version 1.3.2. There are no known workarounds.

Affected products

icinga — icinga_web_jira_integration

Does this affect you?

Add your gear to cvedb and we'll alert you only when icinga ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.