Jira is a proprietary issue tracking product, developed by Atlassian. It provides bug tracking, issue tracking, and project management functions.
Atlassian JIRA Server is prone to a cross-site request forgery (CSRF) vulnerability in auditing/settings because it fails to properly validate HTTP requests.
Affected Versions:
Atlassian JIRA Server versions prior to 7.1.9
QID Detection Logic:
This unauthenticated QID detects vulnerable installations of JIRA by requesting the secure/Dashboard.jspa page.
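The following is an added example, not the scanner's own code, of how a defender could apply the same check to a saved copy of the secure/Dashboard.jspa response and compare the reported version against 7.1.9. It assumes the page exposes the version in a `data-version` attribute or a footer build string of the form `(v7.1.7#...)`; the sample pages and all function names are constructed for illustration.

```python
import re

FIXED = (7, 1, 9)  # first unaffected release, per the advisory text

# Assumption: the dashboard HTML carries the version either in a
# data-version attribute or in a footer build string "(v7.1.7#71011-...)".
_PATTERNS = (
    re.compile(r'data-version="(\d+(?:\.\d+)+)"'),
    re.compile(r'\(v(\d+(?:\.\d+)+)#\d+'),
)


def extract_version(html):
    """Return the version as a tuple of ints, or None if none is exposed."""
    for pattern in _PATTERNS:
        match = pattern.search(html)
        if match:
            return tuple(int(part) for part in match.group(1).split("."))
    return None


def is_affected(html):
    """True/False when a version is found, None when it cannot be determined."""
    version = extract_version(html)
    if version is None:
        return None  # hidden or customised page: do not report "not affected"
    # Pad short versions so (7, 1) compares as (7, 1, 0). Integer tuples
    # compare numerically, so 7.1.10 is correctly newer than 7.1.9, which a
    # plain string comparison would get wrong.
    padded = version + (0,) * (len(FIXED) - len(version))
    return padded < FIXED


# Constructed sample pages (not captured from a real server).
SAMPLE_OLD = '<meta name="application-name" content="JIRA" data-version="7.1.7">'
SAMPLE_FIXED = '<span id="footer-build-information">(v7.1.10#71014-sha1:abc)</span>'
SAMPLE_HIDDEN = "<html><body>Log in</body></html>"

if __name__ == "__main__":
    for name, page in (("old", SAMPLE_OLD), ("fixed", SAMPLE_FIXED),
                       ("hidden", SAMPLE_HIDDEN)):
        print(name, extract_version(page), is_affected(page))
```

A `None` result means the version could not be read from the page and the installation needs to be checked another way, such as from the server's own administration console.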
Successful exploitation allows a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible.