Description
The startup.jsp resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote attackers to redirect users to a different website which they may use as part of performing a phishing attack via an open redirect.
Remediation
References
Related Vulnerabilities
MySQL CVE-2020-2804 Vulnerability (CVE-2020-2804)
WebLogic CVE-2021-2109 Vulnerability (CVE-2021-2109)
Jboss EAP Improper Input Validation Vulnerability (CVE-2011-4575)
WordPress Plugin Social Connect Cross-Site Scripting (1.0.4)
WordPress Plugin WordPress Email Template Designer-WP HTML Mail Cross-Site Scripting (3.0.9)