logo
DATABASE RESOURCES PRICING ABOUT US

Atlassian JIRA < 4.2.2 Open Redirect

Description

According to its self-reported version number, the version of Atlassian JIRA hosted on the remote web server is prior to version 4.2.2. It is, therefore, potentially affected by an open redirect vulnerability due to improper sanitization of user-supplied input to an unspecified parameter. A remote attacker, by enticing a user into following a crafted URL, can exploit this vulnerability to redirect the user to an attacker-controlled website. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.