CVE-2017-16865

CVE-2017-16865

The Trello importer in Atlassian Jira before version 7.6.1 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF). When running in an environment like Amazon EC2, this flaw maybe used to access to a metadata resource that provides access credentials and other potentially confidential information.

Source: CVE-2017-16865

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다