Vulnerability
From version 1.3.0 to version 1.9.12, and from version 2.0.0 to version 2.0.4, the Atlassian OAuth Plugin’s IconUriServlet allows remote attackers to read the content of internal network resources and/or launch an XSS attack via Server Side Request Forgery (SSRF).
Mitigation / Precaution
We suggest that you update Jira IconURIServlet in order to fix this vulnerability.
Written by
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
