Description
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to evade behind-the-firewall protection of app-linked resources via a Broken Authentication vulnerability in the `makeRequest` gadget resource. The affected versions are before version 8.13.3, and from version 8.14.0 before 8.14.1.
Remediation
References
Related Vulnerabilities
OpenSSL Improper Verification of Cryptographic Signature Vulnerability (CVE-2025-15469)
WordPress Plugin Opal Estate Cross-Site Request Forgery (1.6.11)
Oracle HTTP Server CVE-2016-3482 Vulnerability (CVE-2016-3482)
Drupal Core 5.x HTTP Response Splitting (5.0 - 5.2)
WordPress Plugin WP Photo Album Plus 'wppa-album' Parameter SQL Injection (4.1.1)