Description

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to redirect users to a malicious URL via a reverse tabnapping vulnerability in the Project Shortcuts feature. The affected versions are before version 8.5.15, from version 8.6.0 before 8.13.7, from version 8.14.0 before 8.17.1, and from version 8.18.0 before 8.18.1.

Remediation

References

CVE-2021-39112

Related Vulnerabilities

Moodle CVE-2022-40314 Vulnerability (CVE-2022-40314)

WordPress Plugin Klarna Checkout for WooCommerce Security Bypass (2.0.9)

WordPress Plugin Contact Form Generator Multiple Cross-Site Request Forgery Vulnerabilities (2.1.86)

WordPress Plugin Organizer Multiple Cross-Site Scripting and Information Disclosure Vulnerabilities (1.2.1)

WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3385)

Severity

Medium

Classification

CVE-2021-39112 CWE-601

Tags

Missing Update Known Vulnerabilities