Atlassian JIRA Unspecified URI Redirection Vulnerability Network Vulnerability

Summary

Atlassian JIRA is prone to a URI-redirection vulnerability because the application fails to properly sanitize user-supplied input. A successful exploit may aid in phishing attacks other attacks are also possible. Versions prior to Atlassian JIRA 4.2.2 are vulnerable.

Solution

Updates are available. Please see the references for more information.

References

http://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2011-02-21
http://www.atlassian.com/software/jira/
https://www.securityfocus.com/bid/46461

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Aker Secure Mail Gateway Cross-Site Scripting Vulnerability
Apache Archiva Cross Site Request Forgery Vulnerability
Apache OFBiz Multiple Cross Site Scripting Vulnerabilities
Apache Struts2/XWork Remote Command Execution Vulnerability
Apache Struts2 showcase namespace XSS Vulnerability

Take action and discover your vulnerabilities