Lucene search
K

6 matches found

VulnCheck KEV
VulnCheck KEV
added 2024/09/19 12:0 a.m.3 views

VulnCheck KEV: CVE-2017-9506

The IconUriServlet of the Atlassian OAuth Plugin from version 1.3.0 before version 1.9.12 and from version 2.0.0 before version 2.0.4 allows remote attackers to access the content of internal network resources and/or perform an XSS attack via Server Side Request Forgery SSRF...

6.1CVSS5.8AI score0.71601EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2020/04/16 12:0 a.m.20 views

Atlassian OAuth Plugin 1.3.0 < 1.9.12 / 2.0.0 < 2.0.4 Server-Side Request Forgery

Atlassian OAuth Plugin from version 1.3.0 to 1.9.11 and from version 2.0.0 to 2.0.3 allows remote attackers to make the target application act as a proxy and perform requests to internal or external resources through the IconUriServlet. Attackers may leverage this vulnerability to conduct...

6.1CVSS6.6AI score0.71601EPSS
Exploits1References4
Atlassian
Atlassian
added 2017/08/30 2:12 a.m.41 views

The bundled Atlassian OAuth plugin allows arbitrary HTTP requests to be proxied - CVE-2017-9506

The version of the bundled Atlassian OAuth plugin was vulnerable to Server Side Request Forgery SSRF. This allowed a XSS and or a SSRF attack to be performed. More information about the Atlassian OAuth plugin issue see https://ecosystem.atlassian.net/browse/OAUTH-344 . When running in an...

6.1CVSS2AI score0.71601EPSS
Exploits1
NVD
NVD
added 2017/08/23 7:29 p.m.18 views

CVE-2017-9506

The IconUriServlet of the Atlassian OAuth Plugin from version 1.3.0 before version 1.9.12 and from version 2.0.0 before version 2.0.4 allows remote attackers to access the content of internal network resources and/or perform an XSS attack via Server Side Request Forgery SSRF...

6.1CVSS6.1AI score0.71601EPSS
Exploits1References5
Prion
Prion
added 2017/08/23 7:29 p.m.24 views

Server side request forgery (ssrf)

The IconUriServlet of the Atlassian OAuth Plugin from version 1.3.0 before version 1.9.12 and from version 2.0.0 before version 2.0.4 allows remote attackers to access the content of internal network resources and/or perform an XSS attack via Server Side Request Forgery SSRF...

4.3CVSS6.4AI score0.71601EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2017/08/23 7:29 p.m.19 views

CVE-2017-9506

The IconUriServlet of the Atlassian OAuth Plugin from version 1.3.0 before version 1.9.12 and from version 2.0.0 before version 2.0.4 allows remote attackers to access the content of internal network resources and/or perform an XSS attack via Server Side Request Forgery SSRF...

6.1CVSS6.1AI score
Exploits0References5
Rows per page
Query Builder