Security Advisory

CVE-2019-20408

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-07-01 01:35:24

Last updated 2024-09-16 17:54:00

Assigner atlassian

State PUBLISHED

Description

The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.7.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability due to a logic bug in the JiraWhitelist class.

← Browse all CVEs View on cve.org ↗