Atlassian Jira URL Redirection to Untrusted Site (Open Redirect) Vulnerability - CVE-2019-20901 - Vulnerability Database

Atlassian Jira URL Redirection to Untrusted Site (Open Redirect) Vulnerability - CVE-2019-20901

Medium
Reference: CVE-2019-20901
Title: Atlassian Jira URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Overview:

The login.jsp resource in Jira before version 8.5.2 and from version 8.6.0 before version 8.6.1 allows remote attackers to redirect users to a different website which they may use as part of performing a phishing attack via an open redirect in the os_destination parameter.