Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The OAuth status rest resource in Atlassian Application Links before version 5.2.7, from 5.3.0 before 5.3.4 and from 5.4.0 before 5.4.3 allows remote attackers with administrative rights to access the content of internal network resources via a Server Side Request Forgery (SSRF) by creating an OAuth application link to a location they control and then redirecting access from the linked location's OAuth status rest resource to an internal location. When running in an environment like Amazon EC2, this flaw maybe used to access to a metadata resource that provides access credentials and other potentially confidential information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Atlassian Application Links OAuth status rest resource 跨站请求伪造漏洞
Vulnerability Description
Atlassian Application Links是澳大利亚Atlassian公司的一款使用在Atlassian产品中用于创建连接到其他应用程序中的按钮的插件。OAuth status rest resource是其中的一个OAuth身份资源包。 Atlassian Application Links中的OAuth status rest resource存在跨站请求伪造漏洞。远程攻击者可利用该漏洞访问内部网络资源内容。以下版本受到影响:Atlassian Application Links 5.2.
CVSS Information
N/A
Vulnerability Type
N/A