N/A

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to redirect users to a malicious URL via a reverse tabnapping vulnerability in the Project Shortcuts feature. The affected versions are before version 8.5.15, from version 8.6.0 before 8.13.7, from version 8.14.0 before 8.17.1, and from version 8.18.0 before 8.18.1.

N/A

使用windows.opener访问指向不可信目标的web链接

Atlassian Jira 输入验证错误漏洞

Atlassian Jira是澳大利亚Atlassian公司的一套缺陷跟踪管理系统。该系统主要用于对工作中各类问题、缺陷进行跟踪管理。 Atlassian Jira Server 存在安全漏洞，远程攻击者可以通过项目快捷方式功能中的反向标签漏洞将用户重定向到恶意URL。以下产品及版本收到影响： Atlassian Jira Server before version 8.5.15, from version 8.6.0 before 8.13.7, from version 8.14.0 before 8

N/A

N/A