Description
The startup.jsp resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote attackers to redirect users to a different website which they may use as part of performing a phishing attack via an open redirect.
Remediation
References
Related Vulnerabilities
Oracle Database Server Deserialization of Untrusted Data Vulnerability (CVE-2019-16942)
Joomla! Core SQL Injection (1.7.0 - 3.9.15)
WordPress Plugin User Login History Multiple Cross-Site Scripting Vulnerabilities (1.5.2)
MySQL Other Vulnerability (CVE-2005-0710)
WordPress Plugin Rencontre-Dating Site Multiple Vulnerabilities (3.1.2)