CVE-2017-18096
The CVE concerns Atlassian Application Links: the OAuth status REST resource is affected in versions before 5.2.7, 5.3.0 before 5.3.4, and 5.4.0 before 5.4.3. A remote attacker with administrative rights can trigger a Server Side Request Forgery by creating an OAuth application link to a controll...