Atlassian JIRA Unspecified URI Redirection Vulnerability Network Vulnerability

Summary

Atlassian JIRA is prone to a URI-redirection vulnerability because the application fails to properly sanitize user-supplied input. A successful exploit may aid in phishing attacks other attacks are also possible. Versions prior to Atlassian JIRA 4.2.2 are vulnerable.

Solution

Updates are available. Please see the references for more information.

References

http://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2011-02-21
http://www.atlassian.com/software/jira/
https://www.securityfocus.com/bid/46461

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Adobe ColdFusion Multiple Cross Site Scripting Vulnerabilities
Apache Struts2/XWork Remote Command Execution Vulnerability
AjaXplorer Remote Command Injection and Local File Disclosure Vulnerabilities
Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability
Apache Solr Directory Traversal Vulnerability Jan-14

Take action and discover your vulnerabilities