CVE-2017-18109
N/A
N/A
Summary
The login resource of CrowdId in Atlassian Crowd before version 3.0.2 and from version 3.1.0 before version 3.1.1 allows remote attackers to redirect users to a different website which they may use as part of performing a phishing attack via an open redirect.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Atlassian | Crowd | unspecified < 3.0.2 | affected |
| Atlassian | Crowd | 3.1.0 < unspecified | affected |
| Atlassian | Crowd | unspecified < 3.1.1 | affected |
Weaknesses
- URL Redirection to Untrusted Site ('Open Redirect')
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.