Security Advisory

CVE-2019-8451

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-09-11 13:56:26

Last updated 2024-09-16 19:14:27

Assigner atlassian

State PUBLISHED

Description

The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability due to a logic bug in the JiraWhitelist class.

← Browse all CVEs View on cve.org ↗