Lucene search
AtlassianCVELIST:CVE-2019-20901HistoryJul 13, 2020 - 4:55 a.m.
CVE-2019-20901
2020-07-1304:55:11
atlassian
www.cve.org
3
EPSS
0.001
Percentile
46.7%
The login.jsp resource in Jira before version 8.5.2, and from version 8.6.0 before version 8.6.1 allows remote attackers to redirect users to a different website which they may use as part of performing a phishing attack via an open redirect in the os_destination parameter.
CNA Affected
[
{
"product": "Jira Server",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "8.5.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "8.6.0",
"versionType": "custom"
},
{
"lessThan": "8.6.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
atlassian
atlassian
Open redirect vulnerability in login.jsp - CVE-2019-20901
2019-12-17 03:24:22
Open redirect vulnerability in login.jsp - CVE-2019-20901
2019-12-17 03:24:22
nvd
nvd
CVE-2019-20901
2020-07-13 05:15:10
prion
prion
Open redirect
2020-07-13 05:15:00
cve
cve
CVE-2019-20901
2020-07-13 05:15:10