Description
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to redirect users to a malicious URL via a reverse tabnapping vulnerability in the Project Shortcuts feature. The affected versions are before version 8.5.15, from version 8.6.0 before 8.13.7, from version 8.14.0 before 8.17.1, and from version 8.18.0 before 8.18.1.
Remediation
References
Related Vulnerabilities
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2018-1333)
IBM RTC Incorrect Authorization Vulnerability (CVE-2017-1700)
WordPress Plugin Carts Guru PHP Object Injection (1.4.5)
WordPress Plugin WP-Filebase Download Manager 'base' Parameter SQL Injection (0.2.9)
WordPress Plugin iLive-Intelligent WordPress Live Chat Support Cross-Site Scripting (1.0.4)