Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Low
Fix Version/s: 8.12.0, 7.13.16, 8.11.1
Affects Version/s: 7.6.15, 8.6.1, 8.5.4, 7.13.13, 8.9.0, 8.10.0
Component/s: System Administration - Others
Labels:

Fixed in Long Term Support Release/s:

Download 7.13
Introduced in Version:
7.06
Symptom Severity:
Severity 3 - Minor
Bug Fix Policy:
View Atlassian Server bug fix policy

Description

Affected versions of Atlassian Jira Server and Data Center allow an authenticated attacker to redirect a user to a malicious website via an unvalidated redirect vulnerability in some Universal Plugin Manager pages, e.g. "Manage apps" and "Find new apps".

Affected versions:

version < 7.13.16
7.14.0 ≤ version < 8.11.1

Fixed versions:

7.13.16
8.11.1
8.12.0

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Security Metrics Bot

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Due:: 02/Nov/2020

Created:: 03/Aug/2020 10:42 PM

Updated:: 17/Mar/2021 1:54 AM

Resolved:: 10/Aug/2020 6:20 PM