Description

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to redirect users to a malicious URL via a reverse tabnapping vulnerability in the Project Shortcuts feature. The affected versions are before version 8.5.15, from version 8.6.0 before 8.13.7, from version 8.14.0 before 8.17.1, and from version 8.18.0 before 8.18.1.

Remediation

References

CVE-2021-39112

Related Vulnerabilities

WordPress Plugin Loco Translate PHP Code Injection (2.5.3)

Oracle Application Server CVE-2008-0349 Vulnerability (CVE-2008-0349)

WordPress Plugin Basic Dev Tools Multiple Cross-Site Scripting Vulnerabilities (1.4.1)

WordPress Plugin Inline Gallery 'do' Parameter Cross-Site Scripting (0.3.9)

MySQL CVE-2014-2484 Vulnerability (CVE-2014-2484)

Severity

Medium

Classification

CVE-2021-39112 CWE-601

Tags

Missing Update Known Vulnerabilities