N/A

The login resource of CrowdId in Atlassian Crowd before version 3.0.2 and from version 3.1.0 before version 3.1.1 allows remote attackers to redirect users to a different website which they may use as part of performing a phishing attack via an open redirect.

N/A

N/A

Atlassian Crowd 输入验证错误漏洞

Atlassian Crowd是澳大利亚Atlassian公司的一套基于Web的单点登录系统。该系统为多用户、网络应用程序和目录服务器提供验证、授权等功能。 Atlassian Crowd 3.0.2之前版本和3.1.0版本中存在输入验证错误漏洞，该漏洞源于网络系统或产品未对输入的数据进行正确的验证。

N/A

N/A