Affected versions of Atlassian Jira Server and Data Center allow remote attackers to evade behind-the-firewall protection of app-linked resources via a Broken Authentication vulnerability in the `makeRequest` gadget resource.

The affected versions are before version 8.13.3, and from version 8.14.0 before 8.14.1.

Affected versions:

• version < 8.13.3
• 8.14.0 ≤ version < 8.14.1

Fixed versions:

• 8.13.3
• 8.14.1
• 8.15.0