Description
The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.7.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability due to a logic bug in the JiraWhitelist class.
Remediation
References
Related Vulnerabilities
Zope Web Application Server Other Vulnerability (CVE-2002-0687)
WordPress Plugin FireStats Arbitrary File Download (1.6.5)
WordPress Plugin Paytium:Mollie payment forms & donations Cross-Site Scripting (3.1.1)
WordPress 2.3 Cross-Site Scripting Vulnerability (2.3)
WordPress Plugin SEO Redirection-301 Redirect Manager Cross-Site Request Forgery (7.8)