CVE-2019-20408
N/A
N/A
Summary
The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.7.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability due to a logic bug in the JiraWhitelist class.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Atlassian | Jira Server | unspecified < 8.7.0 | affected |
Weaknesses
- Server Side Request Forgery (SSRF)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.