mirror of
https://github.com/gobysec/GobyVuls.git
synced 2025-05-06 10:41:40 +00:00
13 lines
1.0 KiB
Markdown
13 lines
1.0 KiB
Markdown
|
## Jira Server SSRF (CVE-2022-26135)
|
||
|
|
|
||
|
|
| **Vulnerability** | **Jira Server SSRF (CVE-2022-26135)** |
|
||
|
|
| :----: | :-----|
|
||
|
|
| **Chinese name** | Jira Server 服务端请求伪造 (CVE-2022-26135) |
|
||
|
|
| **CVSS core** | 7.0 |
|
||
|
|
| **FOFA Query** (click to view the results directly)| [body="Signup!default.jspa"](https://fofa.info/result?qbase64=Ym9keT0iU2lnbnVwIWRlZmF1bHQuanNwYSI%3D) |
|
||
|
|
| **Number of assets affected** | 4586 |
|
||
|
|
| **Description** | Atlassian JIRA Server is a server version of a defect tracking management system developed by Atlassian in Australia. The system is mainly used to track and manage various problems and defects in the work. A security vulnerability exists in Atlassian Jira Server. An attacker exploits this vulnerability to perform a server-side request forgery attack via a batch endpoint. |
|
||
|
|
| **Impact** | A security vulnerability exists in Atlassian Jira Server. An attacker exploits this vulnerability to perform a server-side request forgery attack via a batch endpoint. |
|
||
|
|
|
||
|
|
|