The invalidRedirectUrl template in Atlassian Application Links before version 5.2.7, from version 5.3.0 before version 5.3.4 and from version 5.4.0 before version 5.4.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the redirectUrl parameter link in the redirect warning message.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: atlassian
Published: 2018-05-14T13:00:00Z
Updated: 2024-09-17T00:10:37.417Z
Reserved: 2017-11-16T00:00:00
Link: CVE-2017-16860
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-05-14T13:29:00.353
Modified: 2024-11-21T03:17:07.093
Link: CVE-2017-16860
Redhat
No data.