The startup.jsp resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote malicious users to redirect users to a different website which they may use as part of performing a phishing attack via an open redirect.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
atlassian jira |
||
atlassian jira server |