Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The login.jsp resource in Jira before version 8.5.2, and from version 8.6.0 before version 8.6.1 allows remote attackers to redirect users to a different website which they may use as part of performing a phishing attack via an open redirect in the os_destination parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Atlassian Jira 输入验证错误漏洞
Vulnerability Description
Atlassian Jira是澳大利亚Atlassian公司的一套缺陷跟踪管理系统。该系统主要用于对工作中各类问题、缺陷进行跟踪管理。 Atlassian Jira 8.5.2之前版本和8.6.1之前的8.6.0版本中的login.jsp页面存在输入验证错误漏洞。远程攻击者可利用该漏洞将用户重定向到其他网站,实施钓鱼攻击。
CVSS Information
N/A
Vulnerability Type
N/A