Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-70812

Network enumeration via CSRF in Applinks endpoint

    XMLWordPrintable

Details

    Description

      The Applinks endpoint in Atlassian Jira Server and Data Center in affected versions allows remote attackers to enumerate local network resources via a cross-site request forgery (CSRF) vulnerability.

      Affected versions:

      • version < 8.5.4
      • 8.6.0 ≤ version < 8.7.0

      Fixed versions:

      • 8.5.4
      • 8.7.0

      Attachments

        Activity

          People

            Unassigned Unassigned
            security-metrics-bot Security Metrics Bot
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: