CVE-2019-20408 (jira)

Leave a reply

The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.7.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability due to a logic bug in the JiraWhitelist class.

View Full Alert

Related Posts

  • CVE-2019-20408

    The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.7.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability due to a…

  • CVE-2019-19935

    Froala Editor before 3.0.6 allows XSS. View Full Alert

  • CVE-2019-13285

    CoSoSys Endpoint Protector 5.1.0.2 allows Host Header Injection. View Full Alert

Leave a Reply