Fixed
Pinned fields
Click on the next to a field label to start pinning.
Details
Assignee
UnassignedUnassignedReporter
security-metrics-botsecurity-metrics-botPriority
Major
Details
Details
Assignee
Unassigned
UnassignedReporter
security-metrics-bot
security-metrics-botPriority
MajorCreated May 14, 2018 at 4:04 AM
Updated September 25, 2024 at 2:44 AM
Resolved May 14, 2018 at 4:04 AM
The invalidRedirectUrl template in Atlassian Application Links before version 5.2.7, from version 5.3.0 before version 5.3.4 and from version 5.4.0 before version 5.4.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the redirectUrl parameter link in the redirect warning message.