Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The MessageBundleWhiteList class of atlassian-gadgets before version 4.2.37, from version 4.3.0 before 4.3.14, from version 4.3.2.0 before 4.3.2.4, from version 4.4.0 before 4.4.12, and from version 5.0.0 before 5.0.1 allowed unexpected DNS lookups and requests to arbitrary services as it incorrectly obtained application base url information from the executing http request which could be attacker controlled.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Jira atlassian-gadgets 代码问题漏洞
Vulnerability Description
Jira atlassian-gadgets是美国Jira社区的一个应用插件。提供更改其颜色以及更改其他适合您的偏好来个性化仪表板显示。 atlassian-gadgets 存在安全漏洞,该漏洞源于错误地获得了执行http请求的应用程序基url信息,攻击者可利用该漏洞进行控制。
CVSS Information
N/A
Vulnerability Type
N/A