Lucene search
K

4 matches found

NVD
NVD
added 2020/07/13 5:15 a.m.20 views

CVE-2019-20901

The login.jsp resource in Jira before version 8.5.2, and from version 8.6.0 before version 8.6.1 allows remote attackers to redirect users to a different website which they may use as part of performing a phishing attack via an open redirect in the osdestination parameter...

6.1CVSS0.01183EPSS
Exploits0References1
Prion
Prion
added 2020/07/13 5:15 a.m.12 views

Open redirect

The login.jsp resource in Jira before version 8.5.2, and from version 8.6.0 before version 8.6.1 allows remote attackers to redirect users to a different website which they may use as part of performing a phishing attack via an open redirect in the osdestination parameter...

5.8CVSS6.2AI score0.01183EPSS
Exploits0References1Affected Software2
Atlassian
Atlassian
added 2019/12/17 3:24 a.m.81 views

Open redirect vulnerability in login.jsp - CVE-2019-20901

The login.jsp resource in Jira before version 8.5.2, and from version 8.6.0 before version 8.6.1 allows remote attackers to redirect users to a different website which they may use as part of performing a phishing attack via an open redirect in the osdestination parameter...

6.1CVSS5.1AI score0.01183EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/04/29 2:0 a.m.31 views

Open redirect in JIRA in HTTPS mode only

If JIRA is configured for HTTPS connections in both "redirect HTTP to HTTPS" and "HTTPS only" modes, then the following redirects are possible. This does not occur in HTTP configs. The osdestination parameter on the login.jsp page and other pages once logged in - see technical details below allow...

1AI score
Exploits0Affected Software1
Rows per page
Query Builder