Uploaded image for project: 'FishEye'
  1. FishEye
  2. FE-6885

The bundled Atlassian OAuth plugin allows arbitrary HTTP requests to be proxied - CVE-2017-9506

    XMLWordPrintable

Details

    Description

      The version of the bundled Atlassian OAuth plugin was vulnerable to Server Side Request Forgery (SSRF). This allowed a XSS and or a SSRF attack to be performed. More information about the Atlassian OAuth plugin issue see https://ecosystem.atlassian.net/browse/OAUTH-344 .

      Attachments

        Issue Links

          was cloned as

          Bug - A problem which impairs or prevents the functions of the product. CRUC-8042 The bundled Atlassian OAuth plugin allows arbitrary HTTP requests to be proxied - CVE-2017-9506

          • Medium - Medium priority issues
          • Closed
          is related to

          OAUTH-344 Loading...

          Activity

            People

              Unassigned Unassigned
              pswiecicki Piotr Swiecicki
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: