Details
-
Bug
-
Resolution: Fixed
-
Low
-
7.6.15, 8.6.1, 8.5.4, 7.13.13, 8.9.0, 8.10.0
-
7.06
-
Severity 3 - Minor
-
Description
Affected versions of Atlassian Jira Server and Data Center allow an authenticated attacker to redirect a user to a malicious website via an unvalidated redirect vulnerability in some Universal Plugin Manager pages, e.g. "Manage apps" and "Find new apps".
Affected versions:
- version < 7.13.16
- 7.14.0 ≤ version < 8.11.1
Fixed versions:
- 7.13.16
- 8.11.1
- 8.12.0