Uploaded image for project: 'Jira Platform Cloud'
  1. Jira Platform Cloud
  2. JRACLOUD-29400

Open Redirect vulnerabilities

XMLWordPrintable

      NOTE: This bug report is for JIRA Cloud. Using JIRA Server? See the corresponding bug report.

      We have identified and fixed 2 open redirect vulnerabilities that affect JIRA instances, including publicly available instances (that is, Internet-facing servers).

      Parameter-based redirection vulnerabilities allow an attacker to craft a JIRA URL in such a way that a user clicking on this URL will be redirected to a different web site. This can be used for phishing.

      These vulnerabilities affect JIRA 4.3.3 and above, and have been fixed in JIRA 5.1.1.

      More information is available in the advisory at https://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2012-08-28

              vosipov VitalyA
              vosipov VitalyA
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: