Vulnerability
Description
Jira is a software application used for issue tracking and project management.
Due to a logic flaw in the JiraWhitelist class, the /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability.
Recommendations
- Update JIRA to the latest version
Written by
Summarize:
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 14 days
