CVE-2017-18109 is a vulnerability in Atlassian Crowd
Published on March 29, 2019

The login resource of CrowdId in Atlassian Crowd before version 3.0.2 and from version 3.1.0 before version 3.1.1 allows remote attackers to redirect users to a different website which they may use as part of performing a phishing attack via an open redirect.

NVD

Products Associated with CVE-2017-18109

Want to know whenever a new CVE is published for Atlassian Crowd? stack.watch will email you.

Atlassian Crowd

Affected Versions

Atlassian Crowd:

Version unspecified and below 3.0.2 is affected.
Version 3.1.0 and below unspecified is affected.
Version unspecified and below 3.1.1 is affected.

Exploit Probability

EPSS

0.15%

Percentile

35.08%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2017-18109 is a vulnerability in Atlassian CrowdPublished on March 29, 2019

Products Associated with CVE-2017-18109

Affected Versions

Exploit Probability

CVE-2017-18109 is a vulnerability in Atlassian Crowd
Published on March 29, 2019