-
Type:
Bug
-
Resolution: Fixed
-
Priority:
Low
-
Affects Version/s: 7.6.15, 7.13.13, 8.5.4, 8.6.1, 8.9.0, 8.10.0
-
Component/s: System Administration - Others
-
7.06
-
Severity 3 - Minor
Affected versions of Atlassian Jira Server and Data Center allow an authenticated attacker to redirect a user to a malicious website via an unvalidated redirect vulnerability in some Universal Plugin Manager pages, e.g. "Manage apps" and "Find new apps".
Affected versions:
- version < 7.13.16
- 7.14.0 ≤ version < 8.11.1
Fixed versions:
- 7.13.16
- 8.11.1
- 8.12.0