Synopsis
The remote web server hosts an application that is vulnerable to a Server Side Request Forgery (SSRF) attack vector.
Description
The version of JIRA installed on the remote host is earlier than 8.4.0 and is affected by a vulnerability that allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability due to a logic bug in the JiraWhitelist class.
Solution
Update to JIRA version 8.4.0 or later.