5.8
CVSSv2

CVE-2019-20901

Published: 13/07/2020 Updated: 13/07/2020
CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Vulnerability Summary

The login.jsp resource in Jira before version 8.5.2, and from version 8.6.0 before version 8.6.1 allows remote malicious users to redirect users to a different website which they may use as part of performing a phishing attack via an open redirect in the os_destination parameter.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

atlassian jira

atlassian jira 8.6.0