Jamf · Jamf Pro · CVE-2021-35037
Name of the Vulnerable Software and Affected Versions:
Jamf Pro versions prior to 10.30.1
Description:
Jamf Pro contains an unvalidated URL redirect (open redirect) that affects customers with on-premises environments. An attacker can craft a URL that appears legitimate but, when clicked, redirects the user to an arbitrary, potentially malicious URL.
Recommendations:
For versions prior to 10.30.1, update to version 10.30.1 or later to resolve the issue. As a temporary workaround, consider restricting access to unvalidated URLs to minimize the risk of exploitation.