Atlassian Jira Server-Side Request Forgery (CVE-2022-26135)

A server-side request forgery vulnerability exists in Atlassian Jira. Successful exploitation of this vulnerability could allow an attacker to access internal resources...

CVE-2022-26135

creationtimestamp| type| source ---|---|--- 2022-06-30 07:45:39+00:00| seen| https://t.me/poxek/1866 2022-06-30 12:38:23+00:00| seen| https://t.me/cibsecurity/45394 2022-06-30 15:59:04+00:00| seen| Telegram/YwnncP99e-EOuTc4C9ZOd4fkbkttmEZQV0UEbD3Bd1vqXz0 2022-07-05 21:42:38+00:00|...

CVE-2022-26135

A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated user including a user who joined via the sign-up feature to perform a full read server-side request forgery via a batch endpoint. This affects Atlassian Jira Server and Data Center from version 8.0.0...

CVE-2022-26135

CVE-2022-26135 affects Atlassian Jira Server/Data Center and Jira Service Management (Mobile Plugin for Jira) with a server-side request forgery (SSRF) via the batch endpoint. A remote, authenticated user (including sign-up users) can read server-side resources. Affected Jira Server/Data Center v...

Full Read SSRF in Mobile Plugin CVE-2022-26135

A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated user including a user who joined via the sign-up feature to perform a full read server-side request forgery via a batch endpoint. This affects Jira Management Server and Data Center versions from versi...

Full Read SSRF in Mobile Plugin CVE-2022-26135

A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated user including a user who joined via the sign-up feature to perform a full read server-side request forgery via a batch endpoint. This affects Atlassian Jira Server and Data Center from version 8.0.0...