-
Bug
-
Resolution: Fixed
-
Low
-
None
-
None
NOTE: This bug report is for JIRA Server. Using JIRA Cloud? See the corresponding bug report.
We have identified and fixed 2 open redirect vulnerabilities that affect JIRA instances, including publicly available instances (that is, Internet-facing servers).
Parameter-based redirection vulnerabilities allow an attacker to craft a JIRA URL in such a way that a user clicking on this URL will be redirected to a different web site. This can be used for phishing.
These vulnerabilities affect JIRA 4.3.3 and above, and have been fixed in JIRA 5.1.1.
More information is available in the advisory at https://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2012-08-28
- relates to
-
JRACLOUD-29400 Open Redirect vulnerabilities
- Closed
- mentioned in
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Wiki Page Loading...
-
Wiki Page Loading...
-
Wiki Page Loading...
-
Wiki Page Loading...
-
Wiki Page Loading...
-
Wiki Page Loading...
-
Wiki Page Loading...