Description
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to evade behind-the-firewall protection of app-linked resources via a Broken Authentication vulnerability in the `makeRequest` gadget resource. The affected versions are before version 8.13.3, and from version 8.14.0 before 8.14.1.
Remediation
References
Related Vulnerabilities
Oracle Database Server Other Vulnerability (CVE-2001-0942)
WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more Cross-Site Request Forgery (1.18.0)
Sqlite NULL Pointer Dereference Vulnerability (CVE-2020-13632)
WordPress Plugin Conditional Marketing Mailer for WooCommerce Unspecified Vulnerability (1.6)