{"id":"GO-2024-2539","summary":"Cross-site request forgery via logout button in github.com/mattermost/mattermost-plugin-jira","details":"Cross-site request forgery via logout button in github.com/mattermost/mattermost-plugin-jira","aliases":["BIT-mattermost-2024-23319","CVE-2024-23319","GHSA-4fp6-574p-fc35"],"modified":"2024-07-09T19:33:56Z","published":"2024-03-18T17:29:34Z","database_specific":{"review_status":"REVIEWED","url":"https://pkg.go.dev/vuln/GO-2024-2539"},"references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-23319"},{"type":"FIX","url":"https://github.com/mattermost/mattermost-plugin-jira/commit/f4cf4c6de017ef6aa4428d393b78f418dd84cd8e"},{"type":"WEB","url":"https://mattermost.com/security-updates"}],"affected":[{"package":{"name":"github.com/mattermost/mattermost-plugin-jira","ecosystem":"Go","purl":"pkg:golang/github.com/mattermost/mattermost-plugin-jira"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.1.2-0.20230830170046-f4cf4c6de017"}]}],"ecosystem_specific":{"custom_ranges":[{"events":[{"introduced":"0"},{"fixed":"4.0.0-rc2"}],"type":"ECOSYSTEM"}],"imports":[{"path":"github.com/mattermost/mattermost-plugin-jira/server","symbols":["Plugin.httpOAuth1aDisconnect","Plugin.initializeRouter"]}]},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2024-2539.json"}}],"schema_version":"1.7.3"}