The IconUriServlet of the Atlassian OAuth Plugin from version 1.3.0 before version 1.9.12 and from version 2.0.0 before version 2.0.4 allows remote attackers to access the content of internal network resources and/or perform an XSS attack via Server Side Request Forgery (SSRF).
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: atlassian
Published: 2017-08-23T19:00:00Z
Updated: 2024-09-16T20:51:54.092Z
Reserved: 2017-06-07T00:00:00
Link: CVE-2017-9506
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2017-08-23T19:29:00.197
Modified: 2019-05-10T15:22:38.517
Link: CVE-2017-9506
Redhat
No data.