Description
Many resources in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from version 7.12.0 before version 7.12.3, and before version 7.13.1 allow remote attackers to attack users, in some cases be able to obtain a user's Cross-site request forgery (CSRF) token, via a open redirect vulnerability.
Remediation
References
Related Vulnerabilities
Atlassian Jira CVE-2020-36237 Vulnerability (CVE-2020-36237)
WordPress Plugin WordPress Comment Rating Cross-Site Scripting (1.5.3)
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.31)
MySQL CVE-2013-2395 Vulnerability (CVE-2013-2395)
WordPress Plugin WP Socializer-Simple & Easy Social Media Share Icons Cross-Site Scripting (7.2)