Details
-
Bug
-
Resolution: Fixed
-
Medium
-
5.0.2
-
None
-
5
-
4.3
-
Description
The AcknowledgeTask.jspa page found under
http://$HOST/secure/admin/jira/AcknowledgeTask.jspa
can be used to redirect users to another page on the internet and possibly used to create a non-persistent xss flaw.
Here is an example url which will direct a user to http://google.com
Attachments
Issue Links
- mentioned in
-
Wiki Page Loading...