Security for everyone

CVE-2017-9506 Scanner

Detects 'Server-Side-Request-Forgery (SSRF)' vulnerability in Atlassian OAuth Plugin affects v. From 1.3.0 before 1.9.12 and from 2.0.0 before 2.0.4.


Short Info



Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

15 sec

Scan only one




The Atlassian OAuth Plugin is a software component used for authentication by Atlassian's suite of software tools, including JIRA, Confluence, and Bitbucket. The plugin, which is included in these software products, allows users to log in and access secure resources without having to enter their username and password each time. This greatly increases the security of sensitive information and is a key component of Atlassian's security strategy.

One vulnerability that has been detected in the Atlassian OAuth Plugin is CVE-2017-9506. This vulnerability allows remote attackers to access internal network resources and perform an XSS attack via Server-Side Request Forgery (SSRF). This means that an attacker can remotely access and manipulate internal resources on the network, as well as execute malicious code, bypassing the security measures put in place by Atlassian.

If exploited, this vulnerability can lead to a range of serious consequences, including the loss of sensitive information, unauthorized access to systems and data, and damage to the reputation of the affected organization. The possibility of an attacker gaining access to internal network resources without authorization is a major security threat and could cause significant harm.

In conclusion, the Atlassian OAuth Plugin is a critical component of Atlassian's suite of software tools. However, a recently discovered vulnerability in the plugin highlights the importance of taking proactive security measures to protect against potential threats. provides pro features that allow users to stay informed about vulnerabilities in their digital assets, enabling them to take quick and effective action to protect their sensitive information and ensure the safety of their systems and networks.



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture