12 matches found
Jira <8.4.0 - Server-Side Request Forgery
Jira before 8.4.0 is susceptible to server-side request forgery. The /plugins/servlet/gadgets/makeRequest resource contains a logic bug in the JiraWhitelist class, which can allow an attacker to access the content of internal network resources and thus modify data, and/or execute unauthorized...
CVE-2019-8451
creationtimestamp| type| source ---|---|--- 2023-06-16 15:55:55+00:00| seen| https://t.me/criticalbug/975 2023-11-17 08:44:59+00:00| seen| https://t.me/arpsyndicate/242 2024-03-18 07:23:33+00:00| published-proof-of-concept| https://t.me/lostsec/164 2024-10-09 19:49:41+00:00| seen|...
Jira Server-Side Request Forgery (CVE-2019-8451)
A Server Side Request Forgery vulnerability exists in Jira. A remote attacker may exploit this issue by making a specially crafted HTTP request. Successful exploitation would allow attackers to create HTTP requests on behalf of the vulnerable server...
Jaeles - The Swiss Army Knife For Automated Web Application Testing
Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner. Installation go get -u github.com/jaeles-project/jaeles Please visit the Official Documention for more details. Checkout Signature Repo for base signature. Usage More usage...
Exploit for Server-Side Request Forgery in Atlassian Jira_Server
Jira CVE-2019-8451 POC Description Proof of concept scan...
Exploit for Server-Side Request Forgery in Atlassian Jira_Server
CVE-2019-8451 Jira未授权SSRF漏洞 python usage python CVE-2019...
SSRF in the /plugins/servlet/gadgets/makeRequest resource - CVE-2019-8451
The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery SSRF vulnerability due to a logic bug in the JiraWhitelist class...
Atlassian JIRA < 8.4.0 Multiple Vulnerabilities
According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is prior to prior to 8.4.0. It is, therefore, affected by multiple vulnerabilities: - An authorization bypass vulnerability exists in the /rest/issueNav/1/issueTable resource as well as t...
CVE-2019-8451
CVE-2019-8451 affects Jira Server before 8.4.0 with an SSRF in the /plugins/servlet/gadgets/makeRequest endpoint due to a logic bug in JiraWhitelist. An attacker can cause Jira to fetch internal resources and return their responses, enabling access to internal network content. The weakness is pre...
CVE-2019-8451
The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery SSRF vulnerability due to a logic bug in the JiraWhitelist class. Recent assessments: h0ffayyy at September...
SSRF in the /plugins/servlet/gadgets/makeRequest resource - CVE-2019-8451
The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery SSRF vulnerability due to a logic bug in the JiraWhitelist class...
SSRF in the /plugins/servlet/gadgets/makeRequest resource - CVE-2019-8451
The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery SSRF vulnerability due to a logic bug in the JiraWhitelist class. Important Note: The patch is deployed in f...