[%22Vendor] Reverse tabnapping via Project Shortcuts feature - CVE-2021-39112 - Create and track feature requests for Atlassian products.

Type: Public Security Vulnerability
Resolution: Fixed
Priority: Low (View bug fix roadmap)
Fix Version/s: 8.5.15, 8.13.7, 8.17.1, 8.18.1
Affects Version/s: 8.5.14, 8.13.6, 8.17.0
Component/s: None
Labels:

CVSS Score:
3
CVSS Severity:
Low
CVE ID:
CVE-2021-39112

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to redirect users to a malicious URL via a reverse tabnapping vulnerability in the Project Shortcuts feature.

The affected versions are before version 8.5.15, from version 8.6.0 before 8.13.7, from version 8.14.0 before 8.17.1, and from version 8.18.0 before 8.18.1.

Affected versions:

version < 8.5.15
8.6.0 ≤ version < 8.13.7
8.14.0 ≤ version < 8.17.1
8.18.0 ≤ version < 8.18.1

Fixed versions:

8.5.15
8.13.7
8.17.1
8.18.1

mentioned in: Page Loading...

No work has yet been logged on this issue.

Assignee:: Unassigned

Reporter:: Security Metrics Bot

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Created:: 19/May/2021 12:21 AM

Updated:: 16/Sep/2021 5:28 AM

Resolved:: 25/Aug/2021 2:26 AM

Details

Description

Attachments

Issue Links

Forms

Activity

[JRASERVER-72433] Reverse tabnapping via Project Shortcuts feature - CVE-2021-39112

People

Dates