Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Atlassian Jira URL Redirection to Untrusted Site (Open Redirect) Vulnerability - CVE-2019-20901 - Vulnerability Database
Atlassian Jira

Atlassian Jira URL Redirection to Untrusted Site (Open Redirect) Vulnerability - CVE-2019-20901

Medium
Reference: CVE-2019-20901
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2019-20901
Title: Atlassian Jira URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Overview:

The login.jsp resource in Jira before version 8.5.2 and from version 8.6.0 before version 8.6.1 allows remote attackers to redirect users to a different website which they may use as part of performing a phishing attack via an open redirect in the os_destination parameter.